Snort mailing list archives
Snort Virus Detector
From: "Jimmy Norton" <jnorton () nova edu>
Date: Mon, 29 Mar 2004 10:53:35 -0500
Hello, All-

My director has put me in charge of building a system that can help detect machines on our network that are infected with various viruses. I have built a Snort box using Red Hat Fedora Core 1, MySQL, PHP, and ACID. The machine is snorting and posting alerts. However, I am having trouble writing rules that effectively detect the type of traffic these various malicious agents create. Does anyone have any experience writing rules for this purpose? I'd appreciate any help.

Thanks in advance.

Jimmy Norton
~~~~~
Network Security Specialist
Nova Southeastern University