Snort mailing list archives
Tuning Signatures
From: "Jim Terry" <jtixthus () excite com>
Date: Sat, 13 Mar 2004 20:43:15 -0500 (EST)
Hi all, This is my first post to the list! I have Snort up and running and need help in understanding what the signature explanation is trying to tell me and what the rule categories mean. My background is more networking rather than programming or TCP/IP. It seems to me the rule explanations state plenty of coding information that does not mean too much to me. For instance NOOP. I take it NOOP is bad but it seems to pretty common. What is the best document/book/man page to help in this matter? The Snort Users Manual did not do it for me. Thank you! Jim Terry _______________________________________________ Join Excite! - http://www.excite.com The most personalized portal on the Web! ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Tuning Signatures Jim Terry (Mar 13)
- Re: Tuning Signatures AJ Butcher, Information Systems and Computing (Mar 15)
- Re: Tuning Signatures Tod Beardsley (Mar 15)
- Re: Tuning Signatures AJ Butcher, Information Systems and Computing (Mar 15)