Snort mailing list archives
Re: Snort, BASE, and FRW
From: waldo kitty <wkitty42 () windstream net>
Date: Wed, 26 Sep 2012 00:11:07 -0400
On 9/25/2012 15:37, Shomiron Das Gupta wrote:
Hi, Few questions: -- What firewalls are these?
what firewalls do you mean???
-- Do they have preinstalled snort running on them?
you have to tell us more... the crystal balls are in the shop... what are you looking at on what systems???
-- Are these firewalls running on HA?
who knows? you are running what you are... we cannot see this from here...
These will help us get a correct analysis.
please define "correct analysis"... especially considering inbound rules vs outbound rules... than then consider do you want to catch all "bad" (based on your rules choices) traffic on only that "bad traffic" that your rules choices are covering on your network with known apps running??? ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort, BASE, and FRW Joao Daniel Neves (Sep 25)
- Re: Snort, BASE, and FRW Shomiron Das Gupta (Sep 25)
- Re: Snort, BASE, and FRW waldo kitty (Sep 25)
- Re: Snort, BASE, and FRW waldo kitty (Sep 25)
- Re: Snort, BASE, and FRW Joao Daniel Neves (Sep 26)
- Re: Snort, BASE, and FRW Shomiron Das Gupta (Sep 25)