Thursday, January 10, 2013

How to use custom Snort Rules in IBM Provincia GX 5108

2:08 AM  Miraclesoul  No comments


How to use custom Snort Rules in IBM Provincia GX 5108











alert tcp any any -> 46.236.100.36 80 (msg:"PTCL local.se accessed"; content:"local.se"; nocase; sid:5001;)

 NOTE: if the content:"" parameter is not defined, the IPS will not be able to log the events, as it looks content in the packets

Posted in:

0 comments:

Post a Comment

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More