Snort mailing list archives
RE: Not ignoring DNS servers
From: Paul Slinski <pauls () globaliqx com>
Date: Thu, 6 Sep 2001 14:14:45 -0400 (EDT)
That appears to be a windoze problem. I have a small firewall set up at home for the house to browse though and the only hosts that generate that error are the windoze machines. There's my tidbit... -Paul On Thu, 6 Sep 2001, Snoopy wrote:
Date: Thu, 6 Sep 2001 14:15:32 -0400 From: Snoopy <wayne () cybergnostic com> To: Paul Slinski <pauls () globaliqx com>, snort-users () lists sourceforge net Subject: RE: [Snort-users] Not ignoring DNS servers Dudes, I have the same problems somewhat. I have even put the IPs in the preprocessor line instead of the $DNS_SERVER variable. Actually I have tried both ways. I am running the Windows port of snort on a win2k box. The error is MISC source port 53 to < 1024 10.X.X.X 10.Y.Y.Y UDP. We are running What's Up as a SNMP trap monitor as well as some service monitoring. Wayne -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Paul Slinski Sent: Thursday, September 06, 2001 1:50 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Not ignoring DNS servers I have snort set up the following way in snort.conf (snort rules from snort site): var DNS_SERVERS [206.191.0.140/32,206.191.0.210/32] and preprocessor portscan-ignorehosts: $DNS_SERVERS
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Not ignoring DNS servers Paul Slinski (Sep 06)
- RE: Not ignoring DNS servers Snoopy (Sep 06)
- RE: Not ignoring DNS servers Paul Slinski (Sep 06)
- Re: Not ignoring DNS servers Italo Antonio (Sep 06)
- <Possible follow-ups>
- RE: Not ignoring DNS servers Paul Slinski (Sep 06)
- RE: Not ignoring DNS servers Snoopy (Sep 06)