[ossec-list] Re: Preventing locally triggered rule

2009-01-08 Thread Dimitri Yioulos
...@googlegroups.com] On Behalf Of Dimitri Yioulos
Sent: Wednesday, January 07, 2009 3:53 PM
To: ossec-list@googlegroups.com
Subject: [ossec-list] Re: Preventing locally triggered rule
Importance: Low

Thanks very much, Rick! I checked the docs for any information on srcip, and also googled, but came up

[ossec-list] Re: Preventing locally triggered rule

2009-01-07 Thread McClinton, Rick
Happy New Year, Dimitri. White-listed hosts won't be affected by active-response. You can write a rule to tune out this false positive. Firstly, 31151 is fired when 31101 is triggered too many times, so you can write it against either. I would suggest writing it against 31101. Then you can

[ossec-list] Re: Preventing locally triggered rule

2009-01-07 Thread McClinton, Rick
/?p=136

Rick

-Original Message-
From: ossec-list@googlegroups.com [mailto:ossec-l...@googlegroups.com] On Behalf Of Dimitri Yioulos
Sent: Wednesday, January 07, 2009 3:53 PM
To: ossec-list@googlegroups.com
Subject: [ossec-list] Re: Preventing locally triggered rule
Importance: Low