Re: Ignoring SNMP from specific addresses?

[Matt Richard <matt.richard () fandm edu>]

Either one would indeed work.

Would you consider, at some time, adding an SNMP_SERVERS option that 
works just like SMTP_SERVERS in snort.conf?

Thanks for the tip,

Matt

> On Mon, 10 Mar 2003, Matt Richard wrote:
>
> >  I'd like to ignore all SNMP requests from our network management
> >  server, which is in a different subnet from my HOME_NET subnet.
> >
> >  Is there an SNMP_SERVERS option, or something like that, that I can
> >  add to my snort.conf file?  Or would you just suggest adding that
> >  server's IP address into my HOME_NET variable?  I want to look for
> >  other bad stuff that may come from that subnet, but I don't care to
> >  know how often that server does a new discovery cycle.
>
> Two ways.  Read about them in the docs, or a summary [0].
>
> Cheers!
>
> -----
> Erek Adams
>
>    "When things get weird, the weird turn pro."   H.S. Thompson
>
> [0]     http://www.theadamsfamily.net/~erek/snort/ignore.txt


--
Matt Richard
Access and Security Coordinator
Franklin & Marshall College
matt.richard () fandm edu
(717) 291-4157


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users