Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Time Based IDS Rules

From: "Josh Berry" <josh.berry () netschematics com>
Date: Mon, 17 Nov 2003 15:18:39 -0600 (CST)
Has there ever been any discussion/development done on potentially adding
time options to IDS signatures?

Like the time module for IPTables, where you can specify days that the
rule will be active and the time of day?

This would be useful for instances where there are high degrees of false
positives at certain times of the day, but should not be any activity at
others.  In my company, we do a lot of development that triggers several
of the WEB-XXX rules during the day, but the kind of traffic I would never
expect to see at night.


-------------------------------------------------------
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to access your computer from
any Web browser or wireless device. Click here to Try it Free!
https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: