[Snort-users] Snort, BASE, and FRW

waldo kitty wkitty42 at ...14940...
Wed Sep 26 00:11:07 EDT 2012


On 9/25/2012 15:37, Shomiron Das Gupta wrote:
> Hi,
>
> Few questions:
> -- What firewalls are these?

what firewalls do you mean???

> -- Do they have preinstalled snort running on them?

you have to tell us more... the crystal balls are in the shop... what are you 
looking at on what systems???

> -- Are these firewalls running on HA?

who knows? you are running what you are... we cannot see this from here...

> These will help us get a correct analysis.

please define "correct analysis"... especially considering inbound rules vs 
outbound rules... than then consider do you want to catch all "bad" (based on 
your rules choices) traffic on only that "bad traffic" that your rules choices 
are covering on your network with known apps running???





More information about the Snort-users mailing list