[Snort-users] Unexpected results with reputation preprocessor - solved

Joel Esler (jesler) jesler at ...589...
Tue May 13 12:50:03 EDT 2014

On May 13, 2014, at 9:57 AM, Dave Corsello <snort-users at ...15598...<mailto:snort-users at ...15598...>> wrote:

I second James' request for "official" documentation of how to configure Snort IPS.  Some of us open source users are using Snort inline, basing our configuration on documentation that we've pieced together from various sources.  We might be getting it mostly right, but as I've demonstrated, we might be getting some details wrong, possibly leaving ourselves more vulnerable than we think we are.  So, if possible, it would be great to see things laid out clearly in one document, so that there's no guesswork involved.

This is definitely something we want up there.  I just don’t have the time to do it right now with the 100 other things I’ve been cranking on.

If anyone would be willing to dedicate the time to do it, I’ll send you some nice swag gifts.  (Ask James Lay how nice it is ;)

Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140513/6c6a2654/attachment.html>

More information about the Snort-users mailing list