NIPS Rules

[Manojit Ghosh via Snort-users <snort-users () lists snort org>]

Hi,

I have installed Snort 2.9.9.0 on windows 7 professional 32 bit and running
it using the command snort -i 3 -c C:\Snort\etc\snort.conf -A fast. In the
alert.ids file, I see a lot of reset outside window alerts, such as this,
08/21-23:16:37.473511  [**] [129:15:1] Reset outside window [**]
[Classification: Potentially Bad Traffic] [Priority: 2] {TCP}
XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:443 -> XXXX:XXXX:XXXX:XXXX:XXXX:57462.
I have reason to believe that these alerts are the result of malicious
activities. I want to protect my network from these attacks. Please provide
me the precise instructions to prevent these attacks, i.e. the rule(s), the
file to place the rule(s) in, & the location of the file.

-- 
Manojit Ghosh
CEO, A Joshing Moth
ajoshingmoth.blogspot.in

*Disclaimer:*
This e-mail contains privileged and confidential information intended
solely for the use of the addressee(s). If you are not the intended
recipient, please notify the sender by e-mail and delete the original
message. Further, you are not to copy, disclose, or distribute this e-mail
or its contents to any other person and any such actions are unlawful. This
e-mail may contain viruses. The sender has taken every reasonable
precaution to minimize this risk, but is not liable for any damage you may
sustain as a result of any virus in this e-mail. You should carry out your
own virus checks before opening the e-mail or attachment. The sender
reserves the right to monitor and review the content of all messages sent
to or from this e-mail address. Messages sent to or from this e-mail
address may be stored on the e-mail system.
*End of Disclaimer*

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!