Snort mailing list archives
Trojans and snort
From: stephanie sokhn <sokhnstephanie () hotmail com>
Date: Mon, 21 Apr 2014 16:28:15 +0200
hello, I've downloaded a trojan on ubuntu 12.04 and accessed its shell from backtrack using metasploit. The thing is that all the alerts received from snort were about BAD-TRAFFIC loopback traffic and nothing more.Is there something wrong with my configuration? shouldn't snort detect this kind of exploits?Is there any additional predefined rules for snort IPS that drop packets ? would appreciate any kind of help.
------------------------------------------------------------------------------ Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Trojans and snort stephanie sokhn (Apr 21)
- Re: Trojans and snort Joel Esler (jesler) (Apr 21)
- <Possible follow-ups>
- Re: Trojans and snort Joel Esler (jesler) (Apr 21)