Ron Kaye Jr on 9 Sep 2009 11:01:49 -0700



[PLUG] next snort task


i am finally up and snorting away.
base engine with graphing is working fine.

1) i am finding alerts i am not interested in,
for example ...

MISC UPnP malformed advertisement

VOIP-SIP outbound 401 Unauthorized message protocol-command-decode

VOIP-SIP inbound 401 Unauthorized message protocol-command-decode


i want to filter them out.

not sure how - wouldn't know which rule file generated these messages, and if i did, how to do it.


2) i would like the alerts to go to my email.

i am a complete rookie here.

heard of sendmail, received a vague reference to postfix, but have no clue.

then have to send to an smtp relay server somewhere, i'm guessing.



Ron Kaye Jr
914-7294734
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug