FA 5.0 and Snort

Hi all,

My FA does not appear to work well with Snort logs. Here is my environment:

- FA installed on Win2003 Server, listening on UDP/1514
- Snort 2.8.1 installed on Fedora Core 7, using syslog-ng

I can see, via Microsoft Network Monitor, the UDP/1514 connection from snort to FA server.

Sometimes logs are processed by FA, sometimes not...

The Snort log format looks like:
01/27/09-16:58:44.176598 *   [1:10995:3] SMTP possible BDAT DoS attempt *   [Classification: Detection of a Denial of Service Attack] [Priority: 2] {TCP} YYY.YYY.YYY.YYY:13511 -> XXX.XXX.XXX.XXX:25

Does anyone know what is happening?

Thanks a lot.