panic. at ...158...
Wed Jul 26 14:09:33 EDT 2000
i am using snort 1.6.3 on a SUSE 6.4 box. I have 45 virtual ips on
my machine in different subnets
Now i want snort to listen with all rules on these ips. How can i
do that or have i to write 45 rules for each rule?
Another problem is that i want to log appents fast after each other
only ONE time.
alert tcp any any -> 10.0.3.75 21 (msg: "FTP connect";)
this makes on one connect of a FTP programm 4 alerts but i want only
1. How can i do this?
Ok thanks for all
Thomas mailto:panic. at ...158...
More information about the Snort-users