[Snort-users] preprocessor sensitive_data (snort

Joel Esler jesler at ...1935...
Fri Jun 4 08:39:11 EDT 2010

Take a look at the sensitive-data.rules as well as the README for the sensitive data preprocessor to see how you can write your own rules, etc, to detect what you'd like.

The rules are great examples, you can build from there.

On Jun 3, 2010, at 6:06 PM, Lawrence R. Hughes, Sr. wrote:

> Hi,
> When we enable the "preprocessor sensitive_data", we are getting alerts for everyday cookies.
> Is there a way to tighten this up or disable the cookies from being detected?

Joel Esler
Jabber: jesler at ...1935...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100604/1fec512d/attachment.html>

More information about the Snort-users mailing list