[Answered] Disable a Rule

Forums

Add a reply View Replies (2) →

Offline

[Answered] Disable a Rule

Resolved

0 votes

How can I disable a rule? Specifically 648. ClearOS Community release 6.3.0 (Final)

In Intrusion Detection and Prevention

Thursday, January 24 2013, 06:40 PM

Share this post:

Responses (2)

Accepted Answer

Travis Higley

Offline
Friday, January 25 2013, 02:48 PM - #Permalink
Resolved

0 votes

That was it, Thank you!
The reply is currently minimized Show
Accepted Answer
Nick Howitt

Offline
Friday, January 25 2013, 07:00 AM - #Permalink
Resolved

0 votes

A rule where? If you're talking about IDS/IPS, go to where the rules are (/etc/snort.d/rules/gpl) then do a:
grep sid:648 *.rules
This will tell you that rule 648 is in the shellcode.rules file. Edit the file and either delete the line or comment it out by putting a "#" at the front. Save the file and restart snort.
The reply is currently minimized Show

Your Reply

Please login to post a reply

You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.

Register Here »

You are here:

Community Forums

Other System Topics

Yum update problem

Sitemap

Foundation

Company

Partners

Purchase

Contact Us

Copyright © 2009- ClearFoundation Ltd.