Snort mailing list archives

Previous By Date Next
Previous By Thread Next

ACID wishlist

From: Michael Boman <michael.boman () securecirt com>
Date: Tue, 18 Dec 2001 11:51:21 +0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It would be nice if you could do (in ACID) negative queries, like:

IP address x.x.x.x as source or dest, but NOT with this signature

Also, spp_anomsensor (SPADE) should not be displayed as a portscan, should it?

Best regards
 Michael Boman

- -- 
Michael Boman       Mobile: +65 96942601  750C Chai Chee Road
Security Architect  Phone : +65 243 6800  #04-01
SecureCiRT          Fax   : +65 441 5119  Singapore 469003
http://www.securecirt.com mailto:michael.boman () securecirt com

GnuPG: FA4E C6CC B73E 320E 3349  C64F 76CE 5F40 98AB 689C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8Hr09ds5fQJiraJwRAloYAJoC2f0crmDlZwjL2SKYUdKP5KSQNACdEhs4
/WOq7bEAcTDZojC9pkmRFEY=
=9Aa5
-----END PGP SIGNATURE-----

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: