Snort mailing list archives
Re: Eliminating rulesets
From: Jeff Elkins <jeff () elkins org>
Date: Sat, 9 Feb 2002 19:26:41 -0500
Thanks. I'll research invert before I repost. Wouldn't want to make someone drink an extra beer :) Jeff On Saturday 09 February 2002 06:08 pm, you wrote:
On Sat, Feb 09, 2002 at 01:42:42PM -0500, Jeff Elkins wrote:I'm not trying to promote alcohol usage, but I have a newbie question: I'm evaluating Snort on a Linux DSL/firewall box that also serves as a mail server and webserver (Sendmail/Apache). The boxen inside the firewall are all Linux as well. I've commented out the Microsoft-specific rulesets (IIS,Frontpage and Cold Fusion). Other than statistics gathering, is there any reason I'd want them applied?You might want to invert them.I was getting a _bunch_ of IIS alerts before I turned them off, btw. Thanks, Jeff Elkins _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Eliminating rulesets Jeff Elkins (Feb 09)
- Re: Eliminating rulesets Jeff Elkins (Feb 09)
- Re: Eliminating rulesets Phil Wood (Feb 09)
- Re: Eliminating rulesets Jeff Elkins (Feb 09)