Snort mailing list archives
Tagging and Acid
From: Andreas Hasenack <andreas () conectiva com br>
Date: Tue, 21 May 2002 15:52:26 -0300
I've been using tagging and noticed that Acid can't figure out the signature name of the tagged packets. For example, the /etc/passwd rule has a tag to count two packets in the session. This generates three alerts, but Acid only sees the first one as "web-misc /etc/passwd", the other two get the "(123)Unknown Sig Name" name, probably because snort doesn't supply the signature name for tagged packets. Any workaround for that? This with snort-1.8.6 and acid-0.9.6b21. _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Tagging and Acid Andreas Hasenack (May 21)