Re: NIPS Rules

[Manojit Ghosh via Snort-users <snort-users () lists snort org>]

I was hoping to block them using snort. I am in a wireless network.

On Mon, Aug 21, 2017 at 11:55 PM, Manojit Ghosh <a46105 () gmail com> wrote:

> Hi,
>
> I have installed Snort 2.9.9.0 on windows 7 professional 32 bit and
> running it using the command snort -i 3 -c C:\Snort\etc\snort.conf -A fast.
> In the alert.ids file, I see a lot of reset outside window alerts, such as
> this, 08/21-23:16:37.473511  [**] [129:15:1] Reset outside window [**]
> [Classification: Potentially Bad Traffic] [Priority: 2] {TCP}
> XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:443 ->
> XXXX:XXXX:XXXX:XXXX:XXXX:57462. I have reason to believe that these
> alerts are the result of malicious activities. I want to protect my network
> from these attacks. Please provide me the precise instructions to prevent
> these attacks, i.e. the rule(s), the file to place the rule(s) in, & the
> location of the file.
>
> --
> Manojit Ghosh
> CEO, A Joshing Moth
> ajoshingmoth.blogspot.in
>
> *Disclaimer:*
> This e-mail contains privileged and confidential information intended
> solely for the use of the addressee(s). If you are not the intended
> recipient, please notify the sender by e-mail and delete the original
> message. Further, you are not to copy, disclose, or distribute this e-mail
> or its contents to any other person and any such actions are unlawful. This
> e-mail may contain viruses. The sender has taken every reasonable
> precaution to minimize this risk, but is not liable for any damage you may
> sustain as a result of any virus in this e-mail. You should carry out your
> own virus checks before opening the e-mail or attachment. The sender
> reserves the right to monitor and review the content of all messages sent
> to or from this e-mail address. Messages sent to or from this e-mail
> address may be stored on the e-mail system.
> *End of Disclaimer*



-- 
Manojit Ghosh
CEO, A Joshing Moth
ajoshingmoth.blogspot.in

*Disclaimer:*
This e-mail contains privileged and confidential information intended
solely for the use of the addressee(s). If you are not the intended
recipient, please notify the sender by e-mail and delete the original
message. Further, you are not to copy, disclose, or distribute this e-mail
or its contents to any other person and any such actions are unlawful. This
e-mail may contain viruses. The sender has taken every reasonable
precaution to minimize this risk, but is not liable for any damage you may
sustain as a result of any virus in this e-mail. You should carry out your
own virus checks before opening the e-mail or attachment. The sender
reserves the right to monitor and review the content of all messages sent
to or from this e-mail address. Messages sent to or from this e-mail
address may be stored on the e-mail system.
*End of Disclaimer*

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!