Problems to detect Denial of Service Attack

Nefisco

Hi, I'm trying to detect a DoS attack from Kali Linux against certain hosts.

At first I did a Nessus scan to check the host vulnerabilities, and a Sparta scan to see the open ports. This part was OK; OSSIM detected Nessus as a Brute Force attack.

Nessus Scan Result

Secondly, I started a DoS against some open ports using both Slowloris and Siege, but OSSIM doesn't detect these attacks.

I tried to suppress (comment) the rules against DoS and Http-Events from NIDS, but nothing happened.
Also, I tried to add some rules (from Snort and Suricata) to the NIDS (and uncomment the default DoS and Http-Events rules), and nothing.
And finally I tried to create my own policy and directives.


Policy


Directive

And nothing, again.
Can someone help me?

Thanks in advance.
