[Snort-sigs] Rules

Al Lewis (allewi) allewi at ...3865...
Fri Mar 13 16:13:38 EDT 2015


Hello,


Is your home_net/external_net variables setup correctly?

If they are you can suppress or threshold an overly noisy alert. All of this is explained in the manual.

In its default snort will be noisy so this is where the tuning comes in at.


Hope this helps.

Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi at ...3865...

From: Fabio Machado Sanches [mailto:fabio.sanches at ...4003...]
Sent: Friday, March 13, 2015 3:31 PM
To: Al Lewis (allewi); Joel Esler (jesler); snort at ...3751...; snort-sigs at lists.sourceforge.net
Subject: Rules

Messrs. (A) good afternoon

I need a Aiding !!

Snort is generating countless false positive alerts and need to insert a rule to ignore these alerts in the snort rules !!

How do I proceed?

And can I check snort is working perfectly?

Sincerely Yours

Fábio Sanches
Segurança da Informação - ISO
Planejamento, Governança de T.I. e Centrais de Atendimento e Emissão
Tokio Marine Seguradora
Fone: (55) (11) 3265-7640
VOIP: (2) 7640
fabio.sanches at ...4003...<mailto:fabio.sanches at ...4003...>
http://www.tokiomarine.com.br<http://www.tokiomarine.com.br/>
[Descrição: Descrição: Descrição: Assinatura_final_3_03.jpg][Descrição: Descrição: Descrição: Descrição: Descrição: icon-gptw]


----------------------------------------------------

As informa��es desta mensagem e de seus anexos podem ser confidenciais e/ou privilegiadas e dever�o ser utilizadas somente pelo seu destinat�rio. Caso tenha recebido esta mensagem por engano, favor comunicar o equ�voco ao remetente e apagar, permanentemente, o seu conte�do de qualquer computador. Ap�s a transmiss�o desta mensagem, a Tokio Marine n�o se responsabilizar� pela integridade e/ou pelo uso indevido destas informa��es.

The information in this message and its attachments may be confidential and/or privileged and should be used only by the intended recipient. If you have received it erroneously, please notify the mistake to the sender and permanently delete the content of any computer. After the transmission of this message, Tokio Marine shall not be responsible for the integrity and/or misuse of this information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20150313/15f35619/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 19225 bytes
Desc: image001.jpg
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20150313/15f35619/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 11967 bytes
Desc: image002.jpg
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20150313/15f35619/attachment-0001.jpg>


More information about the Snort-sigs mailing list