Tuning Signatures

["Jim Terry" <jtixthus () excite com>]

Hi all,



This is my first post to the list!  I have Snort up and running and need help in understanding what the signature 
explanation is trying to tell me and what the rule categories mean. 



My background is more networking rather than programming or TCP/IP.  It seems to me the rule explanations state plenty 
of coding information that does not mean too much to me.  For instance NOOP.  I take it NOOP is bad but it seems to 
pretty common.



What is the best document/book/man page to help in this matter?  The Snort Users Manual did not do it for me.



Thank you!





Jim Terry

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users