[Snort-users] snort rules with OS info?
skc at ...440...
Fri Feb 13 13:51:00 EST 2004
We're planning on merging our ip-OS information database with our snort
infrastructure in order to remove false positives related to OS
differences. (i.e. alerts that trigger on rules that are Windows
specific, when that particular ip runs Linux, etc.)
Has anyone else gone thru the snort ruleset and identified (if possible)
the Operating System the rules applies to? If so, is that information
available for others?
If I cannot find an existing ruleset that contains OS - we'll go thru
the tedious task of doing that, at which point we'll post the info for
Network Security Team
CCN-5 Network Engineering
Los Alamos National Laboratory
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users