[Snort-users] Snort rule setting

Greta.Ji at ...4682... Greta.Ji at ...4682...
Thu Oct 5 18:26:05 EDT 2006


Snort scans FW port on the Internet DMZ. It works fine. But I see
there are many traffic. I would like to filter some of them out.
 
Ex: Any smtp (25) to mail servers, I don't want to see, but I want to 
    see DoS, overflow attempt,.. and port 25 sends to another system.
 
Looks like I did not find right doc to read. I know how to add more 
rules, but how can I filter them out. 
 
Thank you for the help,
 
--Greta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20061005/045bf2f2/attachment.html>


More information about the Snort-users mailing list