Snort mailing list archives
Re: Snort rules
From: Y M via Snort-users <snort-users () lists snort org>
Date: Mon, 23 Jul 2018 17:54:01 +0000
The very same request was asked yesterday on the snort-sigs list, I believe. The rules to detect SSH brute force attempts is sid:19559 and exists in the indicator-scan.rules file. You can register to Snort website via https://www.snort.org/users/sign_up and download the rules tarball and look for the signature you are looking for. ________________________________ From: Snort-users <snort-users-bounces () lists snort org> on behalf of jeanmicheltangue via Snort-users <snort-users () lists snort org> Sent: Sunday, July 22, 2018 7:22 PM To: Snort-users () lists snort org Subject: [Snort-users] Snort rules if it's an emergency .. I need the rule that triggers an alert automatically when more than two or three ssh login attempts have been made Envoyé depuis mon smartphone Samsung Galaxy.
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort rules Jean Michel Tangué via Snort-sigs (Jul 22)
- Re: Snort rules Y M via Snort-sigs (Jul 22)
- <Possible follow-ups>
- Snort rules Jean Michel Tangué via Snort-sigs (Jul 22)
- Re: Snort rules Y M via Snort-sigs (Jul 22)
- Snort rules jeanmicheltangue via Snort-users (Jul 23)
- Re: Snort rules Y M via Snort-users (Jul 24)
- Snort rules jeanmicheltangue via Snort-users (Jul 23)
- Re: Snort rules Y M via Snort-users (Jul 24)
- snort rules Jean Michel Tangué via Snort-sigs (Jul 23)
- Re: snort rules Joel Esler (jesler) via Snort-sigs (Jul 23)
- Re: snort rules wkitty42--- via Snort-sigs (Jul 23)
- Re: snort rules Joel Esler (jesler) via Snort-sigs (Jul 23)