[Snort-users] redundant rules

Watson, Ed ewatson at ...2004...
Thu May 10 16:27:14 EDT 2001


The default rules don't seem to pick up port scans, even obvious ones. I
thought if I used the vision.rules, that would be more effective, and it
hasn't. Could redundant rules cause it to not log these events?
 
1166 rules read...
1166 Option Chains linked into 257 Chain Headers
0 Dynamic rules
 
System
      Dell 1550
        dual PIII 833
        1gb ram
        100baseTX FDX
    Resource usage
        Mem .6%
        CPU  .1%
OS
    RH7

Ed Watson


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20010510/4dc4035b/attachment.html>


More information about the Snort-users mailing list