Snort mailing list archives

(no subject)

From: Lakshmi <lakshmi_rm () sify com>
Date: Sat, 21 Sep 2002 11:04:50 +0600 (IST)

Hi all,
     The IDS we use works on snort 1.8.3 and we use demarc 1.05 to monitor the alerts.Our alerts consists of a number 
of "spp_unidecode: Invalid Unicode String detected".
Is there any problem if this alert is disabled as a whole? will any genuine alert be prevented from coming up in doing 
so?..that is will we miss out any attempted intrusion from being alerted?while monitoring the payloads of these alerts 
we felt that only some of them refer to some suspicious activity.Is there any possibility to restrict this alert for 
specified ips alone?
Can someone help out?
      

-------------------------------------------------
Sify Mail - now with Anti-virus protection powered by Trend Micro, USA.
Know more at http://mail.sify.com

Want to get into IIM? Take the Sify Mock CAT now!
http://education.sify.com/mockcat


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

(no subject), (continued)
- (no subject) Lionel Fairon (Aug 28)
- Re: (no subject) Roman Danyliw (Sep 05)
- (no subject) Marc Dreher (Sep 06)
  - Issue with barnyard & unified alert log file Marc Dreher (Sep 06)
- (no subject) Earl D. Fife (Sep 11)
- (no subject) Sergg B. (Sep 15)
- (no subject) snort bsd (Sep 22)
- (no subject) Roger Parx (Sep 24)
  - RE: (no subject) Wayne T Work (Sep 24)
- Re: (no subject) Joe Giles (Sep 24)
- (no subject) Lakshmi (Sep 25)
- (no subject) 赵光明 (Sep 28)