Quote:
Originally Posted by unSpawn
Could you please search for that string in the Snort .*.rules files?
|
[mine@linux root]# grep -i ftp /etc/snort/*.rules*
[mine@linux root]# grep -i comm /etc/snort/*.rules*
[mine@root root]# ls -lotr /etc/snort/
total 224
-rw-r--r-- 1 root 53841 Oct 20 2003 unicode.map
-rw-rw-r-- 1 root 1567 Dec 3 09:04 vrt.rules.good
-rw-rw-r-- 1 root 83865 Dec 3 09:04 snort.conf.good
-rw-rw-r-- 1 root 1567 Dec 13 13:14 vrt.rules
-rw-rw-r-- 1 root 83882 Dec 13 13:14 snort.conf
nothing there. btw im running:
Linux version 2.4.21-zoobah.34smp (zoobah@mine.com) (gcc version 3.2.3 20030502 (Red Hat Linux 3.2.3-34)) #1 SMP Tue Jul 22 22:01:23 MDT 2008