Re: [Snort-users] WEB-IIS %2E-asp access
This is a discussion on Re: [Snort-users] WEB-IIS %2E-asp access within the Snort forums, part of the System Security and Security Related category; --=-2CZ/zmhQyiUO7ttwVzX1 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2004-12-14 at 07:35, Patrick ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-14-2004
|
|||
|
|||
Re: [Snort-users] WEB-IIS %2E-asp access
--=-2CZ/zmhQyiUO7ttwVzX1 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2004-12-14 at 07:35, Patrick Marquetecken wrote: > I want to disable/hide WEB-IIS %2E-asp access so i put in my threshold.co= nf following rule: > suppress gen_id8, sig_id 972, track by_dst, ip xxx.xxx.xxx.xxx Since that "WEB-IIS %2E-asp access" is a regular rule, the generator ID has to be 1. suppress gen_id 1, sig_id 972, track by_dst, ip xxx.xxx.xxx.xxx Regards, Frank --=-2CZ/zmhQyiUO7ttwVzX1 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBvvfXJjGc5ftAw8wRAjwuAJ9+/KrFh5d78elSFKWoS4Z5eakVvACg4ZnU HdQDF+F2exYCvTXDFRdymmI= =irUJ -----END PGP SIGNATURE----- --=-2CZ/zmhQyiUO7ttwVzX1-- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
