[Snort-users] Rules and Tuning

JJC cummingsj at ...11827...
Tue Aug 14 11:38:48 EDT 2012


You can look them up, by SID,  at snort.org or rootedyour.com.
 additionally there is reference information in almost every rule that
references a CVE, Bugtraq ID, URL etc.... you can get additional
information there, just requires a little bit of keyboarding and
interwebing..

JJC

On Mon, Aug 13, 2012 at 11:42 AM, Steven Vona <savona at ...15736...> wrote:

> Is there someplace I can get a list of rules and what they are looking
> for?  We are getting a ton of alerts and I would like to fine tunes which
> rules should be active and which rules should be disabled.  I need more
> information than just the name of the rule.
>
> Thanks,
> Steve
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120814/117c092e/attachment.html>


More information about the Snort-users mailing list