Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPS Policy Selection

From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 21 Dec 2015 18:12:26 +0000
grep is your friend here I think, unless you are using the Firesight management console (Cisco commercial product)

Since the rollout of the policies though, http://blog.snort.org/2013/10/snort-vrt-default-ruleset-rebalancing.html we 
haven’t put p2p in a default policy.

--
Joel Esler
Manager, Talos Group




On Dec 17, 2015, at 12:11 PM, Yeatman, Josh <jyeatman () montreat edu<mailto:jyeatman () montreat edu>> wrote:

Hi,
Is there a place where I can see an overview of which rules are being enabled by the 3 pre-defined IPS policies?
I am particularly interested in which P2P rules are being enabled at each level.
Thanks,

Josh Yeatman
Campus Technology - Montreat College
828-419-2062
www.montreat.edu<http://www.montreat.edu/>
<image001.png>​

*Please consider the environment before printing this email.

------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net<mailto:Snort-sigs () lists sourceforge net>
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org<http://www.snort.org/>


Please visit http://blog.snort.org<http://blog.snort.org/> for the latest news about Snort!


------------------------------------------------------------------------------

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: