chganser at ...807...
Fri Nov 17 07:12:55 EST 2000
i am new to this list.
i have newly installed snort on a box checking a 512kb link. in a few day
we are goning to have a 10mb link.
as i am new to snort i just used all rules in the snort db. now i have
many many massages.
1. do you know a document, witch is going to help me to interpret all
messages? what is harmless and witch messages not.
2. i get many port scan messages from the dns-servers. i read somewhere,
that i can set a dnsservers variable in the rules file.
var DNSSERVERS dns1.domain.tld 126.96.36.199 dns3.domain.tld
but it didn't help much. what is wrong?
thanks and bye
Mobile: +41 76 580 72 90
More information about the Snort-users