cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IDS Snort rules

Highlighted
Getting noticed

IDS Snort rules

Afternoon all,

 

   I been grinding my gear for the last couple of days in regards to IDS snort rule causing maybe a false positive.

IDS rule went out Mar 31  2.9.11.1, which started alerting us of varies port scan going on in our internal network across all computers. We couldn't identify the culprit other then IDS was picking  on maybe Dropbox lan sync. This was only happening at our 3 Main hubs which are mx100s and 84s. There has been an update to snort rule that was pushed out  this afternoon.This has calmed things down.

 

For the IDS support or question, do we go thru meraki or SNORT.org, talos for further information on these rules, patch notes.

 

 

 

1 REPLY 1
Highlighted
Head in the Cloud

Re: IDS Snort rules

Support is handled via Meraki, so you'd preferrebly go this way. 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.