[Oisf-users] Newbie question - what to drop?

Diego M. Vadell dvadell at lantech.com.ar
Tue Mar 19 15:38:24 UTC 2019


Hello everybody,

    I have installed Suricata and it's working great. Now I'd like to start 
dropping packets. From what I understood, I have to make transformation rules 
in /etc/suricata/drop.conf.

    What is advised to drop? severity: 1 alerts? single rules? anything that 
contains "trojan"? What do you people drop?

Thanks in advance,
 -- Diego.

