From: Will M. <wil...@gm...> - 2006-01-23 15:27:06
huh?

On 1/23/06, ni...@el... <ni...@el...> wrote:
> Hi,
>
> For testing I have the following rules in my experimental.rules file:
>
> alert tcp any any -> any any (msg:"Nishit Test0"; content:"nishit";)
> drop tcp any any -> any any (msg:"Nishit Test"; content:"root";)
>
> and I had done telnet on 1 machine through snort_inline(2.4.3) & gave
> username as "nishit" (user nishit doesn't exist on telnet server !!!!!)
> and after that I tried with username "root" & traffic wasn't blocked.....
>
> In 2nd try I had done telnet on same machine & gave username as "root" &
> my traffic was blocked... ????????
>
> Why ?????
>
> Regards,
> Nishit Shah.