[Snort-users] Classification.config file doubt.

Erek Adams erek at ...577...
Wed Nov 14 23:26:02 EST 2001


On Thu, 15 Nov 2001, Sonika Malhotra wrote:

> Hello List,

Hello Sonika!

>         I have installed snort1.8.1 on Linux-2.2.14.

Well....  First off:  Upgrade to to 1.8.2  (1.8.3 will be out Real Soon Now!)
Secondly:  I'm sorry you are on Linux.  :)  You know you can download Solaris
x86 for free....  ;-)

[ Bigot Disclaimer:  I'm not a Linux fan.  It just ain't my bag, Baby!  And
apolgies to Austin Powers for stealing his line....  ;-)  ]


> The classification.config file has different class-types and their
> priorities. I want to know more in this direction.How do i define a
> class-type and its priority, can i customize this, so that i am able to
> classify attacks in high,medium,low categories. and also i want to b
> e-mailed if a high-priority risk attack is found.(i donot need an e-mail
> for all low/medium risks).Any pointers?

Well, classification.config has been hashed out a lot recently (see the thread
on 'Professionalism' in the archives.  :-).  But it's basically, pretty
simple.



More information about the Snort-users mailing list