3. Ip on whitelist but snort is stil triggering/blocking

Ip on whitelist but snort is stil triggering/blocking

  • K

    My news provider is triggering a "SHELLCODE x86 setuid 0" alert and is therfor blocked.
    "googeling" the alert i found this article: http://security.raffy.ch/projects/Raffael_Marty_GCIA/node14.html after reading this i wanted to pass the trafic for the News server without triggering any rules/blocking so i added a cople of news server ip's to the whitelist … but snort is still trigering and blocking the server ?  even thou the server ip is clearly listed in th "whitelist" ?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy