Snort mailing list archives
machine hangs
From: Always Bishan <bishan4u () yahoo co uk>
Date: Wed, 3 Sep 2003 12:00:50 +0100 (BST)
Hi Snorters, I just made a rule to detect yahoo traffic, the rule works fine but when i try tocheck the results usiong ACID, my machine reboots. This has happened consistently for six times now. Here is the rule: ----------------- alert tcp $HOME_NET any <> $EXTERNAL_NET 5050 (msg:"CHAT Yahoo message"; flow:established; content:"YMSG"; classtype:policy-violation; sid:540; rev:8;) Any clues? Any suggestions? Is this rule right? Any flaws? Regards, Bishan ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://uk.messenger.yahoo.com/ ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- machine hangs Always Bishan (Sep 03)