[Snort-users] A simple question........

Esler, Joel - Contractor joel.esler at ...9426...
Mon Sep 13 05:33:49 EDT 2004


Depends on what version of Snort you are running.  Apparently Snort
2.2.0 alerts off of multiple rules.
 
Joel

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Dennis
George
Sent: Monday, September 13, 2004 5:44 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] A simple question........


Hi all,
 
I think it will be simple question............ But I am slighlty
confused..........
 
1) If in my rule file I have 3 rules and in a packet all the 3 rules get
satisfied... do I get all the three alerts ??
 
2) If I have two identical rules then does snort discard one of the rule
or generate two alerts when that rule is satisfied ???
 
thanks in advance
 
Dennis



  _____  

Do you Yahoo!?
Yahoo!
<http://us.rd.yahoo.com/mail_us/taglines/50x/*http://promotions.yahoo.co
m/new_mail/static/efficiency.html> Mail - 50x more storage than other
providers!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040913/990f6f1f/attachment.html>


More information about the Snort-users mailing list