Too many questions

["Alireza Naderi" <alireza () panaisp net>]

Hi All

I have too many questions about snort and its configuration
If any one know the answers, kindly explian it or tell me how can
i find the answers (documents and etc)

1.how can i tell to snort that classification the alerts
to for example critical and normal ,...?

2.how can i tell to it that will mailing the critical alerts?

3.what is sensor_name in configuration files and which work
is that doing?

4.what is TAC_Pipe_1 that i read in snort documents (freebsd)
had written that "sensor_name=TAC_Pipe_1"?

5.how can i configure it that will not making alerts if the
192.168.12.3 attempt to snmp and make alerts if that ip attempt
to other types of attack?

6.how can i tell to snort that block the source address of icmp
attack or other kinds of attack?

7.is it possible that it execute a command on the remote machine
for example change the password if detect a specific attack?

8.how can i tell to snort that listen on two nic (eth0, eth1)?

Thanks in advance
Alireza








-------------------------------------------------------
This sf.net email is sponsored by: 
Battle your brains against the best in the Thawte Crypto 
Challenge. Be the first to crack the code - register now: 
http://www.gothawte.com/rd521.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users