[Snort-users] SNMP request UDP Alerts

Jonathan Baker jb at ...6531...
Thu Aug 15 07:58:04 EDT 2002


I would like to not get these (and other alerts) for particular hosts and I
am not sure how to do this...I have seen the writing rules doc on snort.org
but it's not clear to me what conf file the ignores should be added to and
what the syntax would be.

#0-(2-13)    [CVE] [CVE] SNMP request udp   2002-08-13 12:45:44
xxx.xxx.xxx.xxx:4069   xxx.xxx.xxx.xxx:161        UDP

thnaks for your help,

 jb





More information about the Snort-users mailing list