Snort mailing list archives
Too many alerts
From: "Egal A Egal - SA" <egale () comtrust ae>
Date: Mon, 7 Apr 2003 12:42:34 +0400
Hi&help; I have installed Snort 1.9.1 on RedHat 8.0..! It is working just great except for too many alerts that I get which are just overwhelming my screen. These I believe are false postives but I want them to STOP. Please help me in stopping these. Ofcourse I don't want to unload the rules therefore any other solution is welcome. The messages are: "SCAN UPNP service discover attempt" "nessus MISC xdmcp info query" (I think I know this because I use cygwin XWin.exe to connect to this server over X and this started after using this) "X11 MIT Magic Cookie detected" (probably because of the same reason above...XDM)... Thanks, EGAL DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. ------------------------------------------------------- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Too many alerts Egal A Egal - SA (Apr 07)
- Re: Too many alerts Joerg Weber (Apr 07)