[Solved] TCP SYN flood attacks
Dear Prelude teams
Happy new year
I'm testing Prelude in order to detect some famous network attacks for my thesis on forensic investigations.
I tested Prelude with a TCP SYN flood attack and I realized that Prelude did not detect it at all!
Is it true that Prelude does not detect TCP SYN flood attacks, or did I miss some configuration?
By the way, the agents that I'm using are:
If you like to email me, my email is sts2010 at google mail dot com
RE: TCP SYN flood attacks - Added by Antoine LUONG over 6 years ago
You need to install and connect some dedicated network sensors like Suricata in order to detect such attacks.
See InstallingAgentThirdpartySuricata for more details.
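
Added example, not part of the original thread and not Prelude or Suricata code: a sketch of the kind of packet-level threshold check a network sensor performs to flag a SYN flood, counting half-open connections per destination in a sliding window. The record layout, threshold, window and sample traffic are all constructed assumptions for illustration.

```python
from collections import defaultdict, deque

# Constructed packet records: (timestamp_s, src, dst, dport, tcp_flags).
# "S" = SYN from a client, "A" = the final ACK that completes a handshake.
def sample_packets():
    pkts = []
    # Normal client: SYN followed by the completing ACK, once per second.
    for i in range(5):
        pkts.append((i, "192.0.2.10", "198.51.100.5", 443, "S"))
        pkts.append((i + 0.05, "192.0.2.10", "198.51.100.5", 443, "A"))
    # Flood: 300 SYNs in about 3 s from varying sources, never completed.
    for i in range(300):
        src = f"203.0.113.{i % 250 + 1}"
        pkts.append((10 + i * 0.01, src, "198.51.100.5", 80, "S"))
    return sorted(pkts)

def detect_syn_flood(packets, threshold=100, window=5.0):
    """Return one alert per (dst, dport) whose count of half-open
    connections inside a sliding `window` seconds reaches `threshold`."""
    pending = defaultdict(deque)   # (dst, dport) -> deque of (ts, src)
    alerted = set()
    alerts = []
    for ts, src, dst, dport, flags in packets:
        key = (dst, dport)
        q = pending[key]
        # Expire SYNs that fell out of the window.
        while q and ts - q[0][0] > window:
            q.popleft()
        if flags == "S":
            q.append((ts, src))
        elif flags == "A":
            # Handshake completed: drop the oldest pending SYN from this source.
            for item in q:
                if item[1] == src:
                    q.remove(item)
                    break
        if len(q) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"dst": dst, "dport": dport, "time": ts,
                           "half_open": len(q),
                           "sources": len({s for _, s in q})})
    return alerts

if __name__ == "__main__":
    for alert in detect_syn_flood(sample_packets()):
        print(alert)
```

The completed handshakes to port 443 never accumulate, while the uncompleted SYNs to port 80 cross the threshold and raise a single alert.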