[Snort-users] snort rules with OS info?

Susan Coulter skc at ...440...
Fri Feb 13 13:51:00 EST 2004


We're planning on merging our ip-OS information database with our snort
infrastructure in order to remove false positives related to OS
differences.  (i.e.  alerts that trigger on rules that are Windows
specific, when that particular ip runs Linux, etc.)
Has anyone else gone thru the snort ruleset and identified (if possible)
the Operating System the rules applies to?  If so, is that information
available for others?

If I cannot find an existing ruleset that contains OS - we'll go thru
the tedious task of doing that, at which point we'll post the info for
others.

-- 
====================================
Susan Coulter
Network Security Team
CCN-5 Network Engineering 
Los Alamos National Laboratory
505-667-8425 phone
505-665-7793 fax 
====================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040213/dc39ae79/attachment.html>


More information about the Snort-users mailing list