[Snort-users] real-time alerting and rule to monitor only specific traffic

Lena Okanovic lokanovic at ...17094...
Mon Feb 23 19:24:57 EST 2015


How can I only monitor TCP traffic that is not on port 80 or 443 or on our DMZ IP address? And also, can someone please provide me with instructions on how to setup real-time (email) alerting in Snort on Windows server box.

So, if 'bad' TCP traffic comes through, I would like to get an email right a way letting me know.

Thank you,

Lena Okanovic

lokanovic at ...17094...<mailto:lokanovic at ...17094...>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150224/a3234280/attachment.html>

More information about the Snort-users mailing list