Disabling preprocessor rules

["Elie, Kenneth via Snort-sigs" <snort-sigs () lists snort org>]

I know this gets asked often enough, but im having trouble disabling a few preprocessor rules in my snort instance. I 
have not tried suppression yet.

I commented the rules out in preprocessor.rules and then added the signatures to the modifysid.conf
142:1
123:2
124:1

The alerts still flood in. Where else should I check?

[cid:image001.jpg@01D69BD8.399733A0]
Kenneth Elie
Systems Analyst - Security
Enterprise Technology Services
1 N. University Drive
Plantation, FL 33324-2019
954-357-7987 (Office)
Kelie () broward org<mailto:Kelie () broward org>
www.broward.org<http://www.broward.org/>


________________________________

Under Florida law, most e-mail messages to or from Broward County employees or officials are public records, available 
to any person upon request, absent an exemption. Therefore, any e-mail message to or from the County, inclusive of 
e-mail addresses contained therein, may be subject to public disclosure.

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!