Snort mailing list archives

Previous By Date Next
Previous By Thread Next

(no subject)

From: Alvaro Lillo <alvarolillo () yahoo com>
Date: Sun, 25 Aug 2002 07:28:21 -0700 (PDT)
I have seen that some packets that match more than one
rule of snort only generate one alert. This happens
because snort at the first match don`t continue
comparing content. This could cover an attack
generating only alerts of low importance. 

There`s any way for give priority to some rules over
others (the idea is that snort first search for
matches in some selected rules before the others)?




__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: