[Oisf-users] (no subject)
Cooper F. Nelson
cnelson at ucsd.edu
Fri Jun 14 17:57:17 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Usually but not always, it depends on the alert.
Have you tried enabling the 'http.log'? I would do that first and just
generate some http traffic to make sure suricata is
monitoring/normalizing traffic.
- -Coop
On 6/14/2013 10:48 AM, mouna amani wrote:
> If I set EXTERNAL_HOME_NET: any
> and HOME_NET: 192.168.50.0/24
> that means even a machine with ip 192.168.50.3 for exemple that tries to do
> an attack will be trigger an alert ??
>
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJRu1l9AAoJEKIFRYQsa8FW6MgIAJjcHcnFk+G9n/PzZwGPHvtd
Wn4EfAE50RTLtHj4e/4/j2c0gVyBRb/43bYdlpOMuVMsOtxhsisHVC8Ax+4eKAs8
sC3AuO71f1k1qYKT3XQvAojUKD1GYeO+zF75QO4Bebo7EBMmYJa6sDTnv4z8NjXb
nbuCsjZJ/sKxDHvLQ6K5i5KfBkCNIcyJCFk8fqWXDpMZNFU0gi8KSY6Q6aV9Po3R
W0kG/wrX5SiZ/+qApurOUyezHerAX0DU6wMc1/bHclddXE1F2JuoIgxY+Oayr8Nw
3wnXIjAwpsXsx+md2KQMYbooX0ljab8+A7HIh71Ht2z0QnxSH1Zh2+fPTZo0lKw=
=P9/W
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list