Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort Rule

From: Shane Corridon via Snort-users <snort-users () lists snort org>
Date: Thu, 29 Mar 2018 14:26:54 +0100
 Hi

Would I be able to use snort to sniff network traffic and check weather a
new installation is transfering large amounts of data around the network,
that it should not be sending?

Thank you for your help

On 29 March 2018 at 14:09, <wkitty42 () windstream net> wrote:


On 03/29/2018 08:33 AM, Shane Corridon via Snort-users wrote:


Hi All,

I am looking for a rule to scan the computer after a new program has been
installed and return any alarming results or return an "Everything is
normal" result.




snort is not the right tool for this... snort only sniffs network traffic
and packet capture (aka pcap) files of network traffic...


--
 NOTE: No off-list assistance is given without prior approval.
       *Please keep mailing list traffic on the list unless*
       *a signed and pre-paid contract is in effect with us.*

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

Please follow these rules: https://snort.org/faq/what-is-
the-mailing-list-etiquette


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Previous By Date Next
Previous By Thread Next

Current thread: