[Snort-users] Snort, BASE, and FRW
wkitty42 at ...14940...
Wed Sep 26 00:11:07 EDT 2012
On 9/25/2012 15:37, Shomiron Das Gupta wrote:
> Few questions:
> -- What firewalls are these?
what firewalls do you mean???
> -- Do they have preinstalled snort running on them?
you have to tell us more... the crystal balls are in the shop... what are you
looking at on what systems???
> -- Are these firewalls running on HA?
who knows? you are running what you are... we cannot see this from here...
> These will help us get a correct analysis.
please define "correct analysis"... especially considering inbound rules vs
outbound rules... than then consider do you want to catch all "bad" (based on
your rules choices) traffic on only that "bad traffic" that your rules choices
are covering on your network with known apps running???
More information about the Snort-users