Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Rules

From: k vijay sai prashanth <vijaysaiprashanth () gmail com>
Date: Tue, 27 Nov 2012 02:37:25 +0530
Hello All,

I see that only my test ruleis triggering events.


#alert icmp any any -> $HOME_NET any (msg:"ICMP test"; sid:10000001;)


All the paths in snort.conf are correct.

I see that my blacklist.rules is a very long file with lots of rules. Is
this causing the problem?

Why is the test rule the only rules that is triggering events.

------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: