Snort mailing list archives
Re: Logs
From: "Josué Souza" <Josue () nexos com br>
Date: Tue, 15 Jul 2003 14:58:35 -0300
I'm a newbie on snort but maybe you should take a look at the flow rule option. It seems that this is used to apply rules to only one direction of the traffic. It's in section 2.3.35 of Snort Users Manual. Best regards, Josué José Souza Júnior Nexos Information Security josue () nexos com br +55 71 2106-9125 Salvador - Bahia - Brasil
Helder Miguel Rodrigues <crash () frew org> 07/15/03 01:19 >>>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello I have my workstation running snort with no probs. My workstation is directly connected to the internet via eth0! so I have in my config file: var HOME_NET $eth0_ADDRESS var EXTERNAL_NET !$HOME_NET But in acid it appears ATTACK RESPONSES 403 and my CHAT MSN messages, how can I prevent to log this things? I just want to log what came from the internet, not what goes to the internet. Thanks a lot -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-nr1 (Windows XP) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/FCmuXuDuuXe+pHkRAvS2AKCF/nMjoNfOPcT5Zne9AgJTz3rVegCgnVm2 jqdZRBrC8edooLSgQD6mqws= =O4Wx -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing & more. Download & eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users