Snort mailing list archives
letdown, dos attempt not detecting
From: Leonardo Pezente <lmpezente () gmail com>
Date: Tue, 11 Dec 2012 14:45:59 -0200
im testing snort attacking it with a tool called "letdown".it is a tcp floder. The think is: im not able to detect what could be a potencial dos attack. Letdown generate like 65000 syn packets, so this should be detect fot snort. I have uncomment the dos and ddos rules, but no deal. so im tring to create a rule to detct this kind of traffic. Is that possible? any idea how i can do that?
------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- letdown, dos attempt not detecting Leonardo Pezente (Dec 11)
- Re: letdown, dos attempt not detecting Russ Combs (Dec 11)
- Re: letdown, dos attempt not detecting Leonardo Pezente (Dec 11)
- Re: letdown, dos attempt not detecting Jeremy Hoel (Dec 11)
- Re: letdown, dos attempt not detecting Leonardo Pezente (Dec 11)
- <Possible follow-ups>
- Re: letdown, dos attempt not detecting Y M (Dec 11)
- Re: letdown, dos attempt not detecting Y M (Dec 11)
- Re: letdown, dos attempt not detecting Leonardo Pezente (Dec 11)
- Re: letdown, dos attempt not detecting Y M (Dec 11)
- Re: letdown, dos attempt not detecting Russ Combs (Dec 11)