Snort mailing list archives
Re: SID Assignment
From: JJ Cummings <cummingsj () gmail com>
Date: Wed, 3 Apr 2013 15:10:07 -0600
No, SID is what you were looking for, and I answered this in the original thread. Sent from the iRoad On Apr 3, 2013, at 13:28, Phil Daws <uxbod () splatnix net> wrote:
Sorry, this should have read as SIG assignment! ----- Original Message ----- From: "Phil Daws" <uxbod () splatnix net> To: snort-users () lists sourceforge net Sent: Wednesday, 3 April, 2013 7:47:54 PM Subject: [Snort-users] SID Assignment Hello, have started to work with Snort and find it amazing! What I would like to do now is integrate it with OSSEC and use the active responsive functionality to blocked IPs based on certain criteria; one of those criteria being the SID that triggered the event. How often do assigned SIDs change as would hate to hate spew of FP's :) Thank you. ------------------------------------------------------------------------------ Minimize network downtime and maximize team effectiveness. Reduce network management and security costs.Learn how to hire the most talented Cisco Certified professionals. Visit the Employer Resources Portal http://www.cisco.com/web/learning/employer_resources/index.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ Minimize network downtime and maximize team effectiveness. Reduce network management and security costs.Learn how to hire the most talented Cisco Certified professionals. Visit the Employer Resources Portal http://www.cisco.com/web/learning/employer_resources/index.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Minimize network downtime and maximize team effectiveness. Reduce network management and security costs.Learn how to hire the most talented Cisco Certified professionals. Visit the Employer Resources Portal http://www.cisco.com/web/learning/employer_resources/index.html
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- SID Assignment Phil Daws (Apr 03)
- Re: SID Assignment JJ Cummings (Apr 03)
- <Possible follow-ups>
- Re: SID Assignment Phil Daws (Apr 03)
- Re: SID Assignment JJ Cummings (Apr 03)