[Snort-users] http_inspect question

Bristol, Gary L. gbristol at ...10387...
Mon Oct 25 12:53:13 EDT 2004


Check out the capabilities of the Suppression line in the Threshold.conf
file.

You can specify individual host/sid combinations that you don't want to
alert on. 

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Stevo
Sent: Monday, October 25, 2004 1:54 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] http_inspect question

Hi Team,

I just installed Snort and am receiving a number of these http_inspect 
errors.  They are all between internal hosts and my OWA server in my DMZ
and 
I'd like to disable them, but I can't work out how!

Any ideas for me??  Please be gentle!

Thanks

Stevo 



-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give
us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out
more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list