[Snort-users] How to ingnore a specific host(s) ?

CGhercoias at ...8619... CGhercoias at ...8619...
Fri May 30 11:10:03 EDT 2003


Thank you Erek, I think I'll go with encryption. Now I need to find how to
enable this for Apache 2.0.45....
Goggle is my friend, I know ;o)

-----Original Message-----
From: Erek Adams [mailto:erek at ...950...] 
Sent: Friday, May 30, 2003 1:57 PM
To: Ghercoias, Catalin
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] How to ingnore a specific host(s) ?


On Fri, 30 May 2003 CGhercoias at ...8619... wrote:

> I have installed snort on several machines and everything works good. 
> But,... I have one of the sensors listening in the _internal_ network 
> , and is located on the same segment with the _management_ server 
> (ACID, mysql, php, Snortcenter, etc). Whenever an alert is triggered , 
> let's say someone have received an spam email with porn in it, the 
> event gets written in the database.

[...snip...]

Two options

	* Use SSL + ACID + APACHE to encrypt the data
	* http://www.theadamsfamily.net/~erek/snort/ignore.txt

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson




More information about the Snort-users mailing list