|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Snort-users] A few questions
From: Newbie (h8u9myo02
sneakemail.com)
Date: Tue Sep 14 2004 - 16:36:09 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi
I have a few questions regarding Snort, which I currently run on Windows just as a monitoring tool.
I am not on a network, I simply have my PC and router as a home configuration. However I get a lot of false negatives where the error relates to my router. How can I configure HOME_NET to therefore include any IPs that begin with 123.123 etc? Currently it is setup IP/32 – what would the new one be?
Secondly, because I am using a home PC/router, I am not sure the flow:to_server is relevant for me. These commands also include major anti-trojan rules which don’t seem to therefore work for my PC setup. Can I simply remove these commands if I am not on a server?
And finally – a more simple question, apart from a Snort equivalent with some more graphs, what more security features do all these wiz-bang systems you pay thousands for actually include?
As you can tell – am a newbie and just have a few queries.
Thanks for your help
Newbie :o)
-------------------------------------------------------
This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
Camcorder. More prizes in the weekly Lunch Hour Challenge.
Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]