Snort in a Home Network

[Xander <reg.regedit () gmail com>]

Hello everyone,
I have a simple question regarding Snort.
If I want to use it in my private home network (which consists of a
couple of laptops and smartphones) is it reasonable to disable some
preprocessors (and the rules related to them)?

Here is what I mean: since I do not have any kind of server, just a
couple of laptops and smartphones, can I just disable their dedicated
preprocessors (e.g. ftp preprocessor, sip preprocessor, smtp
preprocessor, http preprocessor and so on)?

> From my understanding of Snort, the preprocessors and the IPVARs (e.g.
$HTTP_SERVERS, $SSH_SERVERS, $TELNET_SERVERS....) that you set in the
snort.conf are aimed to analyze the traffic directed to your servers
in your network. But, as I said, I don't have any, hence my question
about turning the preprocessors off.

Also, to disable them, do I just have to comment them out in the snort.conf?

Thank you very much for your help.

------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!