[Snort-users] mrtg machine

Slighter, Tim tslighter at ...5174...
Mon Apr 21 07:11:03 EDT 2003


just rewrite the rule as:  

alert udp !10.1.1.x any -> $HOME_NET 162 (msg:"SNMP trap udp".......

-----Original Message-----
From: Ben Whittaker [mailto:ben_whittaker at ...131...]
Sent: Sunday, April 20, 2003 1:00 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] mrtg machine


snort: [1:1417:2] SNMP request udp [Classification: Attempted Information
Leak] [Priority: 2]: {UDP} 10.1.1.x:39629 -> x.x..x.x:161

This is my machine running MRTG how do I stop it from logging.




  _____  

Do you Yahoo!?
The New  <http://us.rd.yahoo.com/search/mailsig/*http://search.yahoo.com>
Yahoo! Search - Faster. Easier. Bingo.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030421/d2b90d93/attachment.html>


More information about the Snort-users mailing list