Hi, I don’t know what I got wrong, I even went back to the IDS course to check how it was done. The bash file only detects 1 rule but I don’t know why only one, I thought both are right.
my rules are:
alert tcp any any xxx any 1337 (msg:“LEET Detected”;sid:1;)
alert tcp any 1337 xxx any any (msg(“LEET Detected”;sid:2;)
(answers redacted by admin)
.