Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Snort filters

From: "King, Ronald A." <raking () NSU EDU>
Date: Thu, 5 Feb 2009 09:29:47 -0500
We have implemented Snort in our environment and are "tweaking" the alerts.
I would like to inquire to those on the listserver as to which filters/rules
they see that trigger the most false positives in their environment.  So
much, that they have disabled, suppressed or modified.  You can reply to me
directly.  I can summarize the results if interested.



As always, thank you for your time.



Ronald King

Security Engineer

Norfolk State University

Marie V. McDemmond Center for Applied Research

Suite 401

700 Park Ave.

Norfolk, Virginia  23504

Phone:  757-823-3918

Email:  <mailto:raking () nsu edu> raking () nsu edu

 <http://security.nsu.edu> http://security.nsu.edu

Attachment: smime.p7s
Description:

Previous By Date Next
Previous By Thread Next

Current thread: