Bluehost.com Web Hosting $6.95

snort rule ?

This is a discussion on snort rule ? within the Snort forums, part of the System Security and Security Related category; am i writing this rule correctly? i want to log any email that contains a file with the .exe extension. ...


Go Back   Usenet Forums > System Security and Security Related > Snort

Reload this Page snort rule ?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 11-03-2006
abstractclass
 
Posts: n/a
Default snort rule ?
am i writing this rule correctly?
i want to log any email that contains a file with the .exe extension.
also is there a way to specify to log as binary for better efficiency?

thanks!


log tcp any 25 -> any 25 (content: ".exe"; msg: "file type .exec
matched"; logto: "mail.log";)

Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On




All times are GMT +1. The time now is 04:00 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0