Good evening from Singapore,
I have the following alert "A Network Trojan was Detected" in my Snort Intrusion Detection System (IDS) which is in my pfSense Network Security Appliance.
Thread: [Snort-users] Snort IDS in pfSense Network Security Appliance: "A Network Trojan was Detected"
URL:
https://lists.snort.org/pipermail/snort-users/2018-October/071833.html
Is there any way I can use wireshark to pin-point the operating system process in memory or filesystem object which is triggering the above-mentioned Snort IDS/IPS alert? I am hoping to know which executable file is triggering this IDS/IPS alert.
Please advise.
Thank you very much.
===BEGIN SIGNATURE===
Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017
[1]
https://tdtemcerts.wordpress.com/
|
tdtemcerts.wordpress.com
Historical Records, Office of the Grand Historian
|
[2]
http://tdtemcerts.blogspot.sg/
|
tdtemcerts.blogspot.sg
Historical Records, Office of the Grand Historian
|
[3]
https://www.scribd.com/user/270125049/Teo-En-Ming
===END SIGNATURE===