Snort mailing list archives
Rule set for specific service...!!
From: kamesh_rajaram () sify com
Date: Tue, 29 Jan 2002 15:22:39 +0600 (IST)
Snort & Demarc : ============== They monitor a web server & a database server. What kind of rules should be used to make it work effectively, by not giving unwanted/irrelevant alerts. The standard rule set has all kinds of alerts. I want it to be only for the above mentioned services. For example: TFTP rules need not bother my NIDS. It will be waste of time and a overhead for my monitor. I just need an optimized rule set for my purpose. Is there anything available like that...?? Tell me a normal/standard solution, if any, to this. Or how do i do it..?? Bye, Kamesh. ------------------------------------------------- This mail helped a tree grow. Know more at http://green.sify.com Take the shortest route to success! Click here to know how http://education.sify.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rule set for specific service...!! kamesh_rajaram (Jan 29)