Re: [psad-discuss] custom signature.

2014-11-12 Thread Muhammad Yousuf Khan
Thanks Michael Rash, you cleared my confusion. I was always confused about the way they work together. Thanks for designing such a wonderful product.

On Tue, Nov 11, 2014 at 6:29 PM, Michael Rash wrote:
>
> On Mon, Nov 10, 2014 at 8:12 AM, Muhammad Yousuf Khan
> wrote:
>
>> Thanks for sharing,

Re: [psad-discuss] custom signature.

2014-11-11 Thread Michael Rash
On Mon, Nov 10, 2014 at 8:12 AM, Muhammad Yousuf Khan wrote:
> Thanks for sharing, but just confirming as I am not a native English
> speaker.
> Correct me if I am wrong. What I am getting from your email is that the
> fwsnort daemon works individually and inspects all the traffic coming through
> the i

Re: [psad-discuss] custom signature.

2014-11-10 Thread Muhammad Yousuf Khan
Thanks for sharing, but just confirming as I am not a native English speaker. Correct me if I am wrong. What I am getting from your email is that the fwsnort daemon works individually and inspects all the traffic coming through the interface. Once it finds any packet matching in a snort rule, it triggers an

Re: [psad-discuss] custom signature.

2014-11-08 Thread Michael Rash
On Sat, Nov 8, 2014 at 3:42 PM, Muhammad Yousuf Khan wrote:
> Thanks for sharing Michael, it is very informative. I will start working on
> this on Monday.
> But I also have another question for my learning, that iptables logs are
> very limited, and what PSAD does is just read the iptables logs and

Re: [psad-discuss] custom signature.

2014-11-08 Thread Muhammad Yousuf Khan
Thanks for sharing Michael, it is very informative. I will start working on this on Monday. But I also have another question for my learning, that iptables logs are very limited, and what PSAD does is just read the iptables logs and make the decisions set in the conf file and signature file. I had experien

Re: [psad-discuss] custom signature.

2014-11-07 Thread Michael Rash
On Fri, Nov 7, 2014 at 9:24 AM, Muhammad Yousuf Khan wrote:
> Hi,
>
> Can anyone please explain how I can make a custom rule?
> I can see rules in /etc/psad/signatures, however I cannot understand the
> format.
> Can anyone throw some light on this?
>
> For example, if I want to trigger an alar