Honeypots: Tracking Hackers

Appendix B. Snort Configuration File

Snort is an OpenSource Intrusion Detection System that, with honeypots, is primarily used for data capture. This is the configuration file for Snort, Version 1.8.3. What is unique about this configuration file is that it captures and logs every packet and its full payload. This is also the standard configuration used by the Honeynet Project.

 #-------------------------------------------------- # http://www.snort.org Snort 1.8.1 Ruleset # Contact: snort-sigs@lists.sourceforge.net #-------------------------------------------------- # NOTE:This ruleset only works for 1.8.0 and later #-------------------------------------------------- # # Last Updated by the Honeynet Project # 01 March, 2002 var HOME_NET 10.1.1.0/24 ...

Get Honeypots: Tracking Hackers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Honeypots: Tracking Hackers by Lance Spitzner

Appendix B. Snort Configuration File

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly