[Snort-users] Snort as IPS
forensixland at ...11827...
Sat Apr 22 22:37:50 EDT 2017
We just start to run snort as IPS and would like to take any advices from this group.
-- what are the rules we can start with safely in production env?
-- how do we automate updating the drop rules with pulledpork?
-- At time the snort blocking production env, what is the easy and quick way to disable or bypass the snort and put it back online later?
-- Any tips are greatly appreciated.
Sent from my iPhone
More information about the Snort-users