|
Title: snort rules to block hack attempts Post by: bangsters on Wednesday 29 September 2010, 12:54:35 am Hi.
One of my client's sites is getting bombarded by card scanning, where a user tries his shopping cart to test the validity of cards. They are getting denied fro the authorize.net backend. However, he is still able to test other cards even if they get blocked.... I tried block his IP range, but then there other IPs that get blocked altogether. Is there a snort rule to prevent such? I have enabled IPS and some rules, but not sure if there is a specific rule to block such attempt. Thanks |