Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow.
I know how to detect packets using Snort and Wireshark. Now my question is how to block a detected packet using Snort. Also, give me an idea of how to create custom Snort rules.
I read somewhere that it wasn't possible to specify multiple ports to exclude for shellcode; is that correct? If not, is the following
I have currently installed Snort 2.9.0.4 on Fedora 14. The Snort IDS mode is running perfectly. I want to implement an IPS from the Snort IDS. I am completely new to the Linux environment
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Can anyone give me some opinion about this code? #!/usr/local/bin/perl use File::Tail; $file = File::Tail -> new("/var/log/snort/snort.log.1301090101");
I captured the traffic with this command: /usr/local/bin/snort -ieth0 -l /var/log/snort. Since I never put -b behind it, it's not a binary file..
I am writing a Perl program to read a Snort log file. I run Fedora 14 using VMware. When using the command /usr/local/bin/snort -r /var/log/snort/snort.log.1299686068 I get the result:
I would like to know, is there a conversion library for converting string patterns to PCRE regular expression patterns?
I am trying to create a rule for Snort to basically log any packets once a user tries to access a page with the word "malware" in it. This is what I have, just asking for some guide. So