Snort mailing list archives

Newbie Question on using snort


From: "IS Technical Services" <IS.TechSvc () clericalmedical com>
Date: Wed, 12 Nov 2003 14:12:30 +0100

I've been given the job of setting up snort in our environment and I've managed to get it all working on Windows - 2 
slave sensors logging to a master sensor. It produces alerts although maybe not as many as I'd expect but anyway. I've 
also got and read most of Brian Caswell's Snort 2.0 book. What I'm trying to find though are some good websites or 
books that explain how to customise the snort installation and why you would leave out certain rules and include 
others. Additionally, I'm also interested in finding information on how to read the alerts or rather what is alert xyz 
actually telling me.
 
Apologies if these are fairly brain-dead questions but my network analysis experience is fairly limited. 
 
thanks
 
Rupert Broad
 
 

