[prev in list] [next in list] [prev in thread] [next in thread]
List: snort-users
Subject: Re: [Snort-users] Snort / Alert Management Best Practices
From: Frank Knobbe <frank () knobbe ! us>
Date: 2006-07-19 18:37:31
Message-ID: 1153334251.16453.34.camel () localhost
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Wed, 2006-07-19 at 11:17 -0500, Daryl J. Rue wrote:
> Or are you just consistently fine
> tuning the rules so only events that require action are shown?
Yes. It's on ongoing process. Lots of initial tuning, but still a
continuous tuning during daily use.
Frank
--=20
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.
["signature.asc" (application/pgp-signature)]
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic