Has anyone gone through and classified the signatures by Operating System (perhaps even patch level). I understand that not all signatures would fall into such a category (Host scanning sigs being an example) but the information is very useful if you can drop alarms that do not apply to your environment.
We are looking to run the gambit and classify the sigs but I am hoping that it has already been done :)
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...