Snort mailing list archives
snort and dshield etc. reports
From: Security Dude <security () digital-magick com>
Date: Tue, 12 Nov 2002 16:17:30 -0700
I am apparently missing something in the configuration, I would like snort to ignore normal web traffic to my http server, normal dns to my dns server etc. how do I go about setting up snort so that 127.0.0.25:80 and 127.0.0.25:8080 would not be logged while still having everything else incoming to the fictional machine 127.0.0.25 being logged? More importantly if there is a way to keep snort from writing a line to the alerts file which I use to generate email to dshield, my pager, etc. that would be even better as I would have a log of valid traffic for later analysis (market research?) Thanks for your efforts on my behalf! Digital-Magick Media When mundane is not enough (801)748-0055 49 W Center St, Midvale, UT, 84047, USA magick () digital-magick com ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd522.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort and dshield etc. reports Security Dude (Nov 12)
- Re: snort and dshield etc. reports Erek Adams (Nov 12)