sol at ...2229...
Tue Sep 18 10:15:01 EDT 2001
check this out http://220.127.116.11/ <http://18.104.22.168/>
thats one of the source IPs. opens a second window, offers readme.exe as
From: snortlst snortlst [mailto:snortlst at ...125...]
Sent: Tuesday, September 18, 2001 12:13 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] General info
I couldn't find the explanation for pretty simple questions on the snort
site, so maybe you can clarify this:
1. When you compare traffic to the rules what are the options - alerts are
sent to syslog or database, or file,that's o.k., but can you for example
drop connection if it conflicts with snort rules?What else can you do to
2.I don't think mysql is an option for me, is ACID simplier to confiure than
3. Can I generate HTML reports if I log to ACID?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users