Snort mailing list archives

Comprehensive explanation of rules


From: Scott Ellis <scorellis () kcura com>
Date: Wed, 16 Dec 2015 21:53:54 +0000

I am trying to find a comprehensive explanation of rules, such as:

* who wrote it,
* what it is intended to block,
* what might be some of the root causes of hyperactive alerts,
* what is the category ID of a signature and how do I block an entire category (I know how to handle single signatures),
* is there an online lookup where I can find all this information and look up a signature by its ID

and any other useful information that can be provided that will help me develop stronger alert management workflows for my organization.

Thank you!
Scott
------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org

