What is the best way to have snort detect network worms, I know this
depends on the virus, and then once detected send an email stating that.
Is the only method to create a custom rule depending on the virus or
does snort have some rules built in that will detect some netowrk worms
or all?
For example if you have a firewall and want to detect when a network
worm is active on one side of the frewall is snort the way to do it?
Jim
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)