|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Snort-users] Filter Out a Snort Decoder
From: Mike Maki (mmaki
adelphia.net)
Date: Mon Jan 05 2004 - 15:24:02 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Using Snort version 2.1.0. I have an OpenBSD box running samba and for some
reason it's sending out corrupt(?) browser election data that snort picks up
as noted below:
(snort\_decoder) WARNING: Not IPv4 datagram!
IPv0: 192.168.1.12 -> 192.168.1.127
hlen=0 TOS=0 dlen=0 ID=0 flags=0 offset=0 TTL=0 chksum=230
UDP: port= -> dport: len=
Payload: none
My question is, how can set snort to not report this host for this issue?
Thanks
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]