[Snort-users] how to ignore scans from trusted hosts?

Roeland Weve roeland at ...1415...
Thu May 31 09:54:03 EDT 2001

I've seen it in a snort.conf version where the trusted host
'www.snort.org' was ignored from getting alerts from.
Now I'm getting alerts from some trusted hosts and want to ignore them
by putting them in the snort.conf file.
I forgot how to do that, is it still possible and how can I do it?


More information about the Snort-users mailing list