Helder Miguel Rodrigues
crash at ...9650...
Tue Jul 15 11:29:26 EDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
I cant change all rules to have the result that i want!
Thanks a lot anyway!
Anyone have another tips?
Josué Souza wrote:
| I'm a newbie on snort but maybe you should take a look at the flow
rule option. It seems that this is used to apply rules to only one
direction of the traffic. It's in section 2.3.35 of Snort Users Manual.
| Best regards,
| Josué José Souza Júnior
| Nexos Information Security
| josue at ...9619... <mailto:josue at ...9619...>
| +55 71 2106-9125
| Salvador - Bahia - Brasil
| >>> Helder Miguel Rodrigues <crash at ...9650...> 07/15/03 01:19 >>>
| Hello I have my workstation running snort with no probs.
| My workstation is directly connected to the internet via eth0!
| so I have in my config file:
| var HOME_NET $eth0_ADDRESS
| var EXTERNAL_NET !$HOME_NET
| But in acid it appears ATTACK RESPONSES 403 and my CHAT MSN messages,
| how can I prevent to log this things?
| I just want to log what came from the internet, not what goes to the
| Thanks a lot
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Snort-users