Snort mailing list archives
Snort in a Home Network
From: Xander <reg.regedit () gmail com>
Date: Wed, 29 Jul 2015 17:55:14 +0200
Hello everyone, I have a simple question regarding Snort. If I want to use it in my private home network (which consists of a couple of laptops and smartphones) is it reasonable to disable some preprocessors (and the rules related to them)? Here is what I mean: since I do not have any kind of server, just a couple of laptops and smartphones, can I just disable their dedicated preprocessors (e.g. ftp preprocessor, sip preprocessor, smtp preprocessor, http preprocessor and so on)?
From my understanding of Snort, the preprocessors and the IPVARs (e.g.
$HTTP_SERVERS, $SSH_SERVERS, $TELNET_SERVERS....) that you set in the snort.conf are aimed to analyze the traffic directed to your servers in your network. But, as I said, I don't have any, hence my question about turning the preprocessors off. Also, to disable them, do I just have to comment them out in the snort.conf? Thank you very much for your help. ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort in a Home Network Xander (Jul 29)
- Re: Snort in a Home Network Stephen Gantz (Jul 29)
- Re: Snort in a Home Network Xander (Jul 29)
- Re: Snort in a Home Network Stephen Gantz (Jul 29)