Home page logo

snort logo Snort mailing list archives

rules file doesn't work properly, no DoS or portscan detected...
From: Gijs van der Velden <gijsvandervelden () live nl>
Date: Fri, 24 May 2013 17:31:12 +0200

Hello everyone,

I've managed to setup snort on Windows Server 2012 and successfully run it, however DoS or portscan  attacks are not 
being logged... 

I tried doing a nmap scan and a 10 sec DoS with loic, but neither where loged.

I've made a post about this here: http://winsnort.com/index.php?name=PNphpBB2&file=viewtopic&p=4554#4554
and tried out the test rule which logs everything.
That rule did work fine.

Anyone knows how I can resolve this and use snort to detect incoming DoS and DDoS attacks?



Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]