Snort mailing list archives
Origin 'Snort Alert' value in signature.sig_name field?
From: Robert Craig <robert.craig () alcatel com>
Date: Wed, 28 Jan 2004 14:22:02 -0600
mysql> select sig_id, sig_name from signature order by 1; sig_id | sig_name 193 | CHAT AIM login 194 | Yahoo Messenger - User Login 196 | NETBIOS SMB IPC$ share access (unicode) 197 | IMAP authenticate literal overflow attempt 198 | IMAP login literal buffer overflow attempt 212 | MISC MS Terminal server request 221 | "Outgoing FTP PUT 223 | Snort Alert [116:55:0] 224 | Snort Alert [116:54:0] What is the origin of these 'Snort Alert' values? Why isn't the proper name of the alert being entered into the table? I wouldn't care if it didn't show up in ACID. Hope someone else has seen this! Thanks! ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Origin 'Snort Alert' value in signature.sig_name field? Robert Craig (Jan 28)