[Snort-users] (no subject)
jburnes at ...75...
Wed Jul 19 13:12:39 EDT 2000
Marty et al:
Were trying to implement a few additions to snort here at Savvis.
(1) Sending alerts via SNMP to our Enterprise monitoring/logging DB.
(2) Squelching the noice to only look for what we want
(3) Assign some severity level to the events for SNMP
(4) Be able to easily indicate a list of internal subnets which
should be ignored if you see traffic flowing between them.
(right now I have this implemented via a BPF pre-filter, but
there must be a more elegant method. The BPF filter gets a little
Sometimes it is said that man can not be trusted with the government of
himself. Can he, then, be trusted with the government of others? Or have we
found angels in the forms of kings to govern him? Let history answer this
question. -- Thomas Jefferson, 1st Inaugural
More information about the Snort-users