[Oisf-users] Questions about IP Reputation
Victor Julien
lists at inliniac.net
Mon Mar 7 13:57:20 UTC 2016
On 05-03-16 18:25, Leonard Jacobs wrote:
> With IP Reputation configuration, what is the detail on scoring value?
> What do the scoring values signify?
They are meaningless by themselves. They are simply values that you can
match on from the rules:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/IPReputationRules
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/IPReputationFormat
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/IPReputationConfig
> With the IP Reputation categories, what do the numbers mean? What does
> it mean that 60 is the default?
Not sure I follow this, how is 60 the default?
It's possible to define 60 different categories currently.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list