Snort mailing list archives

Re: newbq: snort working, getting hits, got sig id's. What now?


From: waldo kitty <wkitty42 () windstream net>
Date: Sat, 01 Dec 2012 11:35:18 -0500

On 11/30/2012 23:31, Tony Robinson wrote:
> you did the easy part in setting up your IDS, the hard part is making
> determinations based on what you know.

and getting this far and really digging into the traffic that snort brings to
attention will further enhance one's networking knowledge :)

> some things to make it easier:
> if the rule is a vrt rule, the file opensource.gz on snort.org, while massive,
> has documentation on a boatload of rules they have released. additionally the
> rule search on snort.org can give you good information as well:
> http://www.snort.org/search

definitely... and uncle google can also point to a world of information ;)
