Tuesday, February 06, 2007

Snort Report 3 Posted

My third Snort Report has been posted. Using the snort.conf file built in the second Snort Report, I show how Snort can detect suspicious activity without using any rules or dynamic preprocessors. Granted, the examples are somewhat limited, but you get the idea. The purpose of these articles is to develop an intuitive understanding of Snort's capabilities, starting with the basics and moving on to more complicated topics.
