tom1o
New Member
September 20, 2016
Question

IDS in Sniffer mode should detect certain protocols only


I need to know how I can establish the following configuration.

1. IDS in sniffer mode on one port (done and working)

2. I sniff the whole network traffic (done and working)

3. I want to sniff the network for all protocols, but NTP or RDP shall not create an alarm or entry in the Syslog. I want to create a whitelist of protocols which are allowed in my network. All others shall create an alarm. (I don't know how to proceed; not done)

 

Can somebody support me in that task??? I would be very grateful.

 

Does some cookbook or configuration manual exist which deals with that topic? I searched a lot but I couldn't find anything which matches my problem.

 

Best Wishes 

 

tom1o