Snort mailing list archives
Re: strem5 session hijacked produce a lot of alerts with lb firewalls
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 6 Apr 2011 13:10:12 -0400
Yes. With a suppression. Tie the suppression to an ip of the firewall. see threshold.conf for details (or README.filters) On Wed, Apr 6, 2011 at 12:55 PM, carlopmart <carlopmart () gmail com> wrote:
On 04/06/2011 06:49 PM, Joel Esler wrote:Are you talking about gid:129, sid 9 and 10?Yes.Comment them out in the preproc.rules, or suppress the alerts.I know but, can not be disabled for the firewalls (and only for the firewalls), for example?? -- CL Martinez carlopmart {at} gmail {d0t} com ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Joel Esler | http://blog.snort.org | http://vrt-blog.snort.org | http://blog.clamav.net Twitter: http://twitter.com/snort
------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls Joel Esler (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls Joel Esler (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls Joel Esler (Apr 06)
- Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart (Apr 06)