[Emerging-Sigs] priority level

Joel Esler eslerj at gmail.com
Fri Jan 23 14:16:20 EST 2009


Priorities are different for everyone for every network.  I think  
setting of a priority though a rule is not feasible.

J

On Jan 23, 2009, at 1:57 PM, David Glosser allegedly wrote:

> I know you don't, and I just wondering if anyone has... if there are  
> any "best practices" on this, and  which rules  would one set to a  
> higher priority (ie paged in the middle of the night vs reading a  
> report during the day)... Thanks...
>
>
> On Fri, Jan 23, 2009 at 1:33 PM, Matt Jonkman <jonkman at jonkmans.com>  
> wrote:
> Hey David. Generally we don't have priorities in our rules, thats
> something you can set locally if your event manager works on them.
>
> I'll get those two removed, thanks!
>
> Matt
>
> David Glosser wrote:
> > Looks like only one or two ET rules have priority levels  
> associated with
> > them....
> >
> > Is there a list of suggested priorities for the ET rules to be  
> changed
> > via oinkmaster or something?
> >
> > For example, a higher priority for new C&C or "0day" rules.....
> >
> > Thanks
> >
> >
> >
> >
> >
> >
> >  
> ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Emerging-sigs mailing list
> > Emerging-sigs at emergingthreats.net
> > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
> --
> --------------------------------------------
> Matthew Jonkman
> Emerging Threats
> Phone 765-429-0398
> Fax 312-264-0205
> http://www.emergingthreats.net
> --------------------------------------------
>
> PGP: http://www.jonkmans.com/mattjonkman.asc
>
>
>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs at emergingthreats.net
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs


--
Joel Esler
  http://www.joelesler.nethttp://www.twitter.com/joelesler
[m]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090123/b046e0ad/attachment.html


More information about the Emerging-sigs mailing list