Snort: by date

• RSS Feed
• About List
• All Lists

Previous period

Next period

1913 messages starting Dec 31 03 and ending Mar 31 04
Date index | Thread index | Author index

Wednesday, 31 December

Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Brice B
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Jeff Kell
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Jeff Kell
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Paul Schmehl
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Simon Smith

Thursday, 01 January

tcp resets on stealth interface agnelo d
Re: Oinkmaster Oddity Andreas Östling
Win32 - multiple interfaces? Rich Adamson
Re: TCP Data Offset is less than 5 GDHough
RE: Win32 - multiple interfaces? Michael Steele
upgrade to 2.1 Bryan Irvine
Re: upgrade to 2.1 Paul Schmehl
RE: Win32 - multiple interfaces? Rich Adamson
Re: Win32 - multiple interfaces? Scot Scot
Re: upgrade to 2.1 Chris Reid
Re: Win32 - multiple interfaces? Rich Adamson
Win32 v2.1 Flex not correct? Rich Adamson
Re: tcp resets on stealth interface Edin Dizdarevic
libpcre.so.0 error loading shared libraries Guy Witney Krocker
barnyard with postgres Bryan Irvine
libpcre.so.0 error loading shared libraries Guy Witney Krocker
RE: Win32 - multiple interfaces? Michael Steele
Re: libpcre.so.0 error loading shared libraries George Theall
RE: Snort-users digest, Vol 1 #3871 - 5 msgs Guy Witney Krocker
BackDoor Subsevsen Biswas, Proneet

Friday, 02 January

I have deleted the file /var/log/snort/alert and i dont see snort writing on it now. soldier Mx
diferences between the rules of whitehats.com and snort.org soldier Mx
Re: I have deleted the file /var/log/snort/alert and i dont see snort writing on it now. Edin Dizdarevic
unknown:eth0 agnelo d
RE: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Chris N
Snort, remote logging, unified logs, mudpit and me! Russell Packer
Re: I have deleted the file /var/log/snort/alert and i dont see snort writing on it now. Michael Boman
Ofcom test Russell Packer
Snort, Mudpit, Unified logs and me... Russell Packer
http_inspect question. A.L.
Re: Snort, Mudpit, Unified logs and me... Dirk Geschke
Re: Snort, Mudpit, Unified logs and me... Bamm Visscher
RE: Snort, Mudpit, Unified logs and me... Russell Packer
Re: unknown:eth0 Paul Schmehl
Re: Managing many sensors Kristofer T. Karas
compiling snort-2.1 Victor Lamptey
compiling snort-2.1 Victor Lamptey
Re: Managing many sensors Andreas Östling
Re: Snort-users digest, Vol 1 #3872 - 13 msgs Russell Fulton
2.1 compilation issues on Solaris and *BSD Erek Adams
snort-2.1.0 and barnyard Christian Beine

Saturday, 03 January

Re: Snort, Mudpit, Unified logs and me... Ben Nelson
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Jim Brown
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Paul Schmehl
Edit Snort's Source Code John Steele

Sunday, 04 January

cannot resolve host error Topper
Re: cannot resolve host error Rahul
Re: cannot resolve host error Topper

Monday, 05 January

Re: cannot resolve host error Topper
RE: cannot resolve host error Michael Steele
snort webmin configuration agnelo d
Re: snort webmin configuration GDHough
snort-2.1.0 and barnyard Christian Beine
RE: MYSQL Error on Windows XP snort install Scott Weller
Edit Snort's Source Code John Steele
Linux: RPM's 2.0.6 and 2.1.0 Updates? Michael Steele
Re: Snort, Mudpit, Unified logs and me... Ben Nelson
WEB-IIS view source via translate header Elena Escolano Torner
Re: Linux: RPM's 2.0.6 and 2.1.0 Updates? Daniel Wittenberg
Filter Out a Snort Decoder Mike Maki
Re: re: http\_inspect alerts Jeremy Hewlett
Re: Http_inspect: allow_proxy_use/no_alerts Jeremy Hewlett
Re: http_inspect question. Jeremy Hewlett
Detection of subnet scan activity Ben Carter
Re: Detection of subnet scan activity Matt Kettler
Gigabit IDS Tony . Williams

Tuesday, 06 January

Re: Gigabit IDS Erek Adams
HELP!!!!! Compiling Snort with MYSQL dlambeth
RE: HELP!!!!! Compiling Snort with MYSQL Peter Robb
where can i find ms_unicode_generator Koay Yee Chen
Re: HELP!!!!! Compiling Snort with MYSQL Dirk Geschke
2.1.0 Compile Probs On Windows snort user
where can i find ms_unicode_generator Koay Yee Chen
RE: where can i find ms_unicode_generator Peter Robb
2.1.0 Compile Probs On Windows snort user
RE: where can i find ms_unicode_generator Matt Kettler
RE: where can i find ms_unicode_generator Peter Robb
Re: Gigabit IDS twig les
Re: where can i find ms_unicode_generator Jeremy Hewlett
FATAL ERROR: database: mysql_error: Access denied for user: 'snor t@localhost' (Using password: YES) dlambeth
Re: RE: http\_inspect alerts Jeremy Hewlett
mysql_error: Access denied for user: 'snort@localhost' (Using pas sword: YES) dlambeth
RE: FATAL ERROR: database: mysql_error: Access denied for user: 'snor t@localhost' (Using password: YES) Michael Steele
Re: mysql_error: Access denied for user: 'snort@localhost' (Using password: YES) Leonard Miller
RE: Managing many sensors robert schwartz
Can't connect to local MySQL server through socket Jon Godin
RE: Can't connect to local MySQL server through socket Keaton, Lindamaria
RE: Can't connect to local MySQL server through socket CGhercoias
neuronal network over snort Ernesto
Re: Thresholding the Cyberkit ICMP Ping rule Jeremy Hewlett
Re: BAD-TRAFFIC loopback Jeremy Hewlett
RE: mysql_error: Access denied for user: 'snort@localhost' (Using pas sword: YES) Michael Steele
snort signature updates agnelo d
Re: snort signature updates Michael Boman

Wednesday, 07 January

threshold in rule definition and in threshold.conf Nerijus Krukauskas
Extrange alerts Ruben Rubio
Dual Processor Machines Jason Alexander
Build problem with Snort CVS Michael W. Lucas
Re: Build problem with Snort CVS Erek Adams
Re: Build problem with Snort CVS Bamm Visscher
Re: threshold in rule definition and in threshold.conf Jeremy Hewlett
Re: Build problem with Snort CVS Michael W. Lucas
Re: Threshold settings Brian
Spp_portscan2 Bell, Josh
Re: Dual Processor Machines Ben Nelson

Thursday, 08 January

Stop logging specific Host & Source service Ow Mun Heng
RE: Dual Processor Machines PPowenski
No alerts? Russell Packer
neuronal network over snort Ernesto
RE: No alerts? Russell Packer
Snort Inline on Redhat 9 Michael Little
Re: Snort Inline on Redhat 9 tslighter
Re: Snort Inline on Redhat 9 tslighter
Which Linux distro for a Win32 Snort admin? Robert Reid
RE: Which Linux distro for a Win32 Snort admin? Russell Packer
Re: Which Linux distro for a Win32 Snort admin? Leonard Miller
Re: Re: Which Linux distro for a Win32 Snort admin? Leonard Miller
Danny Li/AP/NSC is out of the office. Danny Li
Re: Which Linux distro for a Win32 Snort admin? Daniel Wittenberg
graphs from the perfmonitor preprocessor Andreas Östling
MS-SQL Worm propagation -false positive Natalie Keller
MySql + Snort config errors (yet again) M. Morgan
Re: MySql + Snort config errors (yet again) Leonard Miller
RE: MySql + Snort config errors (yet again) robert schwartz
Segmentation Fault Sudhakar Gummadi
RE: MS-SQL Worm propagation -false positive larosa, vjay
Re: Segmentation Fault Erek Adams

Friday, 09 January

Snort Performance mik sib
Re: MS-SQL Worm propagation -false positive Martin Olsson
2.1.0 (build9) ERROR: unknown preprocessor "à_decode" Tony Oger
AW: [Snort-users] 2.1.0 (build9) ERROR: unknown preprocessor "à_decode" Poppi, Sandro
Re: AW: [Snort-users] 2.1.0 (build9) ERROR: unknown preprocessor "à_decode" Tony Oger
Re: AW: AW: AW: [Snort-users] 2.1.0 (build9) ERROR: unknown preprocessor "à_decode" Tony Oger
Snort (2.1), MySQL (4 up), Barnyard (0.1.0) jthomas
Why is this rule still being tripped? Orion Poplawski
RE: Which Linux distro for a Win32 Snort admin? Robert Reid
Question about var SERVICE_PORTS Schmehl, Paul L
Upgrade 2.0 to 2.1 Steve Jacobsen
compilation errors Victor Lamptey
Re: Question about var SERVICE_PORTS Andreas Östling
RE: Question about var SERVICE_PORTS Schmehl, Paul L
RE: Question about var SERVICE_PORTS Andreas Östling
RE: Segmentation Fault Sudhakar Gummadi
Re: [Snort-users] AW: [Snort-users] 2.1.0 (build9) ERROR: unknown preprocessor "à_decode" Scott Zawalski

Saturday, 10 January

snort reference Jinqiao Yu
Re: RE: Segmentation Fault Martin Roesch
Re: Why is this rule still being tripped? Martin Roesch
SnortConsole: Unable to connect to remote sensor Jeff Evenson

Sunday, 11 January

Some please help me.. pctech2000
Please help me... Joshua McDowell
Is anyone getting these? pctech2000
test Joshua McDowell
Please help me.. (Last tiem I will send this out, don't think it made it the first time) Joshua McDowell
ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.3alpha for snort 2.1.0 released Sandro Poppi
snort reference Jinqiao Yu
Another question... Joshua McDowell
correction Joshua McDowell
simple snort pass ICO Staff
Re: simple snort pass Chris Keladis

Monday, 12 January

SMTP Not Logged David Porter
Re: Please help me... James Nonya
taps What Brand and Where in network Mark McDonagh
Re: Some please help me.. Erek Adams
RE: taps What Brand and Where in network CGhercoias
RE: taps What Brand and Where in network PPowenski
RE: taps What Brand and Where in network Richard Bejtlich
Using ACID with PostgreSQL 7.4.1 Martinelli Paolo A.
Suppression configuration reading IP address backwards? Martin McKeay
Re: Dual Processor Machines fiorenzi () tiscali it
Re: threshold in rule definition and in threshold.conf Nerijus Krukauskas
SnortCenter v1.0 RC1 byte_test work around Richard Pesce
Segmentation Fault Sudhakar Gummadi
Re: Segmentation Fault SN ORT
Re: ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.3alpha for snort 2.1.0 released Sandro Poppi
Upgrade to 2.1.0 help needed shadow man
Upgrading from 2.0 to 2.1? Steve Jacobsen
installing 2.1.0 on Solaris 8 - problems & solutions Subramanikandan Somasundaram (Mani)
BUG in fpdetect.c (2.1.0)? Stephen Reed
SnortCenter v1.0 RC1 byte_test work around Richard Pesce
Snort 2.1.0 and http_decode issue Micah Powell
numbers meaning Mauricio Smythe
Upgrading from 2.0 to 2.1? Steve Jacobsen
Re: BUG in fpdetect.c (2.1.0)? Andreas Östling
Re: Upgrade to 2.1.0 help needed Dave C
Re: Upgrade to 2.1.0 help needed tslighter
Snort Center Replacement Jason Alexander
Last CID and Duplicate Records Ron Shuck
RE: taps What Brand and Where in network Ron Shuck
Re: numbers meaning Brian
Re: Segmentation Fault Josh . Sakofsky
RE: taps What Brand and Where in network Peters, Michael D.
Please help. Why I can't post in this list? My message bodies were alwasy cut. Jinqiao Yu
Problems with snort-2.1.0 Schmehl, Paul L
Re: Build problem with Snort CVS Michael Boman
Re: Upgrading from 2.0 to 2.1? Michael Boman
RE: taps What Brand and Where in network Richard Bejtlich
https and http_inspect gives *many* false positives Edward van der Jagt
Re: https and http_inspect gives *many* false positives Jason Haar
Re: https and http_inspect gives *many* false positives Edward van der Jagt
Re: https and http_inspect gives *many* false positives Jason Haar
Re: https and http_inspect gives *many* false positives Jason

Tuesday, 13 January

RE: Dual Processor Machines PPowenski
snort ssl plug-in Derya Sezen
Snort Implementation yyyyyy yaher
Snort Implementation yyyyyy yaher
Snort Implementation yyyyyy yaher
Re: snort ssl plug-in Jason Haar
unusually high port scan activity Everist, Benjamin S. CTR (WHDB)
Portscan shows 100% traffic in ACID's main window Ruiyuan Jiang
Re: Dual Processor Machines Michael Stone
Re: Build problem with Snort CVS Erek Adams
Re: Snort Implementation Matt Kettler
Solaris 9 make error? Peters, Michael D.
RE: installing 2.1.0 on Solaris 8 - problems & solu tions Peters, Michael D.
ACID v0.9.6b24, spp_portscan2 and spp_portscan Richard Pesce
Re: ACID v0.9.6b24, spp_portscan2 and spp_portscan Richard Pesce
Re: ACID v0.9.6b24, spp_portscan2 and spp_portscan Richard Pesce
Re: Why is this rule still being tripped? Orion Poplawski
Re: snort ssl plug-in Matt Kettler
Snort 2.1.0 - Shutting up http_inspect on non web servers James Nonya
Re: ACID v0.9.6b24, spp_portscan2 and spp_portscan Richard Pesce
There is no /var/log/snort/alert file d_greenjr
RE: Problems with snort-2.1.0] Daniel J. Roelker
snort reference Jinqiao Yu
Re: snort reference Matt Kettler
RE: Problems with snort-2.1.0] Schmehl, Paul L
Re: https and http_inspect gives *many* false positives Edward van der Jagt
hi, are there the signatures or rules of the new local bugs ,, do_mremap and do_brk() ??? soldier Mx
Re: hi, are there the signatures or rules of the new local bugs ,, do_mremap and do_brk() ??? Michael Boman
Where can i get a Simlation attack to see if all my rules work! ? soldier Mx
Re: snort ssl plug-in Derya Sezen

Wednesday, 14 January

Re: Where can i get a Simlation attack to see if all my rules work! ? Dirk Geschke
Query on processor(frag2) WAN FAT WU
Upgrade from 2.0.1 error? Peters, Michael D.
Snort-Perl Plugin Josh Berry
Re: Snort 2.1.0 - Shutting up http_inspect on non web servers James Nonya
Re: Upgrade from 2.0.1 error? Dirk Geschke
RE: Where can i get a Simlation attack to see if all my rules work! ? Button, William (STRA)
RE: Snort 2.1.0 - Shutting up http_inspect on non web servers Schmehl, Paul L
Snort output into MySQL with activate/dynamic rules Thomas Reisinger
Error while compile snort with mysql version 4.0.17 bclark
RE: snort ssl plug-in robert schwartz
Snort 2.0.6 - Error with a working rule under Snort-2.0.2 CGhercoias
Error Installing PHP Syed Ali
Re: Error Installing PHP Leonard Miller
Re: Error while compile snort with mysql version 4.0.17 twig les
WEB-IIS view source via translate header false alarms Bradberry, John
Re: Error while compile snort with mysql version 4.0.17 bclark
Re: WEB-IIS view source via translate header false alarms James Nonya
Perfmonitor...does anyone really use this thing? James Nonya
Simple questions. Peters, Michael D.
RE: Problems with snort-2.1.0 Daniel J. Roelker
Re: Snort 2.1.0 - Shutting up http_inspect on non web servers James Nonya
Stupid question re: message archives ... Michael Chapman
RE: Problems with snort-2.1.0 Schmehl, Paul L
Tell snort to resolve ip or use /etc/hosts? James Nonya
Re: Simple questions. Jeremy Hewlett
Re: Simple questions. Matt Kettler
Re: Snort 2.1.0 - Shutting up http_inspect on non web servers Owen McCusker
Re: Tell snort to resolve ip or use /etc/hosts? james
Re: Tell snort to resolve ip or use /etc/hosts? Matt Kettler
RE: Snort 2.1.0 - Shutting up http_inspect on non web servers Schmehl, Paul L
Re: Stupid question re: message archives ... Matt Kettler
RE: Problems with snort-2.1.0 DM
No portscan showing in ACID anymore? Peters, Michael D.
RE: Tell snort to resolve ip or use /etc/hosts? SRH-Lists
Re: Snort 2.1.0 - Shutting up http_inspect on non web servers James Nonya
Re: Perfmonitor...does anyone really use this thing? Andreas Östling
Re: Error while compile snort with mysql version 4.0.17 Dirk Geschke
Re: Perfmonitor...does anyone really use this thing? Edin Dizdarevic
Re: Error while compile snort with mysql version 4.0.17 bclark
RE: Problems with snort-2.1.0 Andreas Östling
Re: Error while compile snort with mysql version 4.0.17 Dirk Geschke
Hey who use SWATCH!?? when there is an scan, i get too many mails on root () domain com soldier Mx
Snort rule "pass" not working right with -o option... Sekurity Wizard
Please help with this strangeness Michael Thompson
Pcap_loop error Silva, Pedro
File Size Limit Exceeded - error RAJNEEL DHOTRE

Thursday, 15 January

Question-using perl with snort-creating a user friendly interface gautam nijhawan
Question-using perl with snort-creating a user friendly interface gautam nijhawan
Re: File Size Limit Exceeded - error Erek Adams
Re: Please help with this strangeness Erek Adams
ICMP L3retriever Ping Craig D. Thomas
RE: Hey who use SWATCH!?? when there is an scan, I get too many mails on root () domain com Peters, Michael D.
Re: Hey who use SWATCH!?? when there is an scan, i get too many mails on root () domain com henk
There is no /var/log/snort/alert file d_greenjr
no alerts logged Mat Harris
Snort 2.0.6 - Error with a working rule under Snort-2.0.2 CGhercoias
RE: Question-using perl with snort-creating a user friendly interface Schmehl, Paul L
Re: Perfmonitor...does anyone really use this thing? sam
Re: Perfmonitor...does anyone really use this thing? Edin Dizdarevic
RE: Error Installing PHP Bradberry, John
RE: Problems with snort-2.1.0 Daniel J. Roelker
Is ACID Dead? McCash, John
Re: Is ACID Dead? Scott Skrogstad
RE: Is ACID Dead? McCash, John
Help needed with confusing issue... Kelly Slavens
RE: Is ACID Dead? Owen McCusker
RE: Is ACID Dead? CGhercoias
RE: Is ACID Dead? Richard Pesce
Re: Is ACID Dead? Bamm Visscher
Re: no alerts logged M. Morgan
Re: Is ACID Dead? Michael Anderson
SnortCenter and MySQL Jeff Evenson
Re: Is ACID Dead? John Creegan
Re: no alerts logged Mat Harris
MMAP-ed libpcap for linux kernels including linux-2.6.x Phil Wood
Differences Between Versions Michael Thompson
RE: no alerts logged Michael Chapman
Re: Question-using perl with snort-creating a user friendly interface gautam nijhawan

Friday, 16 January

Hey, how could i delete the alert log cuz /var is full soldier Mx
Re: Differences Between Versions Martin Olsson
unsubscribe Pete
portscan but no rules - Was: Re: no alerts logged Mat Harris
Snort Setup Guide w/Mandrake 9.2 Nick Duda
RE: Is ACID Dead? Dave Randolph
RE: Is ACID Dead? Josh Berry
RE: taps What Brand and Where in network Petriz, Pablo
Re: Hey, how could i delete the alert log cuz /var is full Matt Kettler
identify Chinese character in the snort binary log Bin Liu
Re: Hey, how could i delete the alert log cuz /var is full james
Re: Hey, how could i delete the alert log cuz /var is full james
RE: no alerts logged Michael Chapman
Re: Is ACID Dead? Owen McCusker
Snort, Logging, and Windows 2000 John Guenin
RE: no alerts logged Michael Chapman
Re: Is ACID Dead? Jason Alexander
Re: Snort, Logging, and Windows 2000 Rob Lewis
[Fwd: Re: Error while compile snort with mysql version 4.0.17] bclark
No portscan traffic? Peters, Michael D.
RE: Hey, how could i delete the alert log cuz /var is full Bell, Josh
RE: Is ACID Dead? Dave Randolph
ERROR: unknown preprocessor "http_decode" Warner Joseph
Re: ERROR: unknown preprocessor "http_decode" james
messages to syslog at startup. Dave Randolph
Re: Is ACID Dead? Roman Danyliw
Snort setting off my pager Michael W. Lucas
RE: Snort setting off my pager Nick Duda
RE: Is ACID Dead? Michael Pacheco
Re: ERROR: unknown preprocessor "http_decode" Erek Adams
RE: ERROR: unknown preprocessor "http_decode" Warner Joseph
Re: Is ACID Dead? Owen McCusker
Compiling snort and mysql bclark
Re: [Fwd: Re: Error while compile snort with mysql version 4.0.17] Dirk Geschke
Re: Compiling snort and mysql Dirk Geschke
Re: Is ACID Dead? lists
Unified log format. Chris Keladis

Saturday, 17 January

Re: Snort setting off my pager Jim Brown
Re: Unified log format. Martin Roesch
Re: messages to syslog at startup. Martin Roesch
Re: Why is this rule still being tripped? Martin Roesch
im getting alot of FAlse alert that are making my /var partition fUll soldier Mx

Sunday, 18 January

Yahoo Instant Messenger Michael Little
Device didn't translate Di Fresco Marco
RE: Yahoo Instant Messenger Biswas, Proneet
RE: ERROR: unknown preprocessor "http_decode" Schmehl, Paul L

Monday, 19 January

the alert log is getting so huge in minutes! soldier Mx
Re: Yahoo Instant Messenger Ravi
Hey the option Dsize is useful against the buffer overflows ? soldier Mx
IPS Group test report now available Bob Walder
App Eventlog: missing event id Romulo M. Cholewa
error- newbe Ronen Kfir
Is IPTables blocking Snort detection? Stephen W. Corey - 5535
Re: Is IPTables blocking Snort detection? Dirk Geschke
RE: Yahoo Instant Messenger CGhercoias
Re: Hey the option Dsize is useful against the buffer overflows ? Matt Kettler
Re: Is IPTables blocking Snort detection? Matt Kettler
RE: the alert log is getting so huge in minutes! Hudak, Tyler
beagle worm Robert Vance Jr
Re: Why is this rule still being tripped? Orion Poplawski
Re: Barnyard 0.1.0 and the "unable to find mysqlclient library" issue John Sage
Re: Barnyard 0.1.0 and the "unable to find mysqlclient library" issue Dirk Geschke
RE: Understanding what I am seeing - MS-SQL worm propagation attempt ... Michael Chapman
Re: Barnyard 0.1.0 and the "unable to find mysqlclient library" issue John Sage
EasyIDS updated Gregory W. Ratcliff
RE: Yahoo Instant Messenger Biswas, Proneet

Tuesday, 20 January

RE: Barnyard 0.1.0 and the "unable to find mysqlcli ent library" issue PPowenski
Snort 2.1.0, getting mixed up signatures. Patrik Astrom
snort misses attacks it normaly detects dibo303
Snort 2.1.0 with snortsnarf Singh,Manoj [Ontario]
Snort with Oracle Benny Late
Re: Snort with Oracle Rick Coloccia
RE: Snort with Oracle Kreimendahl, Chad J
Re: Snort with Oracle Matt Kettler
RE: Snort with Oracle Kreimendahl, Chad J
ACID: Can not send emails... Sarmiento, Miguel
Signature question... Jeff Kell
Frontends for Snort aravind babu

Wednesday, 21 January

How do I supress file-logging but not database-logging? Martin Olsson
Re: How do I supress file-logging but not database-logging? Dirk Geschke
Re: How do I supress file-logging but not database-logging? Martin Olsson
Portscans not displayed in ACID? Peters, Michael D.
RE: Frontends for Snort Kaplan, Andrew H.
RE: Frontends for Snort Grime, Richard S
RE: Frontends for Snort Jeff Dell
Re: How do I supress file-logging but not database-logging? Bamm Visscher
Re: How do I supress file-logging but not database-logging? Martin Olsson
Re: How do I supress file-logging but not database-logging? Frank Knobbe
Snort 2.1.0 with snortsnarf Singh,Manoj [Ontario]
portscan2 Fred McFeeters
Snort1.9 on RH7.3 Upgrade to Snort2.x on RH9 Escudero, Peter Louis
How to generate snort log file with the name format file_yyyymmdd Daily? Snortty
payload clarification Hudak, Tyler
Truncated TCP options? Jeff Kell
Re: Frontends for Snort deny1
Snort and fragmentation Hudak, Tyler
help Vimal Goel
Using snort to listen on a nic without an IP Mark Reis
Re: Using snort to listen on a nic without an IP james
Re: Using snort to listen on a nic without an IP M. Morgan
Re: Using snort to listen on a nic without an IP Frank Knobbe
RE: Using snort to listen on a nic without an IP Schmehl, Paul L
RE: Using snort to listen on a nic without an IP List Mail
Re: help deny1
Why the tag option and resp neither works! soldier Mx

Thursday, 22 January

snort 2.1.0 stops logging Pickel, Gerd - Betax-Systems GmbH (IT)
Libprelude working with snort 2.1.x Martin Olsson
Re: Frontends for Snort deny1
mimail.c Biswas, Proneet
Re: Libprelude working with snort 2.1.x Martin Olsson
Re: Truncated TCP options? MH
AW: snort 2.1.0 stops logging Pickel, Gerd - Betax-Systems GmbH (IT)
Re: Re: [Snort-users] Libprelude working with snort 2.1.x Chris Green
i use /etc/iinit.d/snort start but... soldier Mx
Snort 2.1.0 with snortsnarf Singh,Manoj [Ontario]
portscan alerts? Peters, Michael D.
Snort 2.1.0 rules won't update in SnortCenter Jeff Evenson
RE.: arp spoof Richard Pesce
port number or'ing Craig Mueller
ACID Alert Cache Josh Berry
Using snort to listen on a nic without an IP Mark Reis
App Eventlog: missing event id Romulo M. Cholewa
RE: Frontends for Snort Brian Whitehead
Re: Snort-users digest, Vol 1 #3919 - 4 msgs Aaron
NEW TO SNORT -HELP ME vasanth b
need help Vimal Goel
any info about the interface deny
Mysql error ewingh
Snort 2.1 Install and Libpcre Error admin
Attack Detection: Then what Owais Bin Zuber
Snort FAQ Submission Erich Trowbridge
snort: database: mysql_error: Duplicate entry Adam Kaufman
Mysql Segmentation error and restarts Vijay Krishnan
Alert Testing Warner Joseph
portscan2 vs portscan Fred McFeeters
RE: Frontends for Snort Jeff Dell
RE: Using snort to listen on a nic without an IP Vigilant Labs

Friday, 23 January

detecting fragmented portscan with snort 2.1.0 Jochen
Getting Snort.org SID's with acid John Brewer
Snort MySQL problem Neil Fryer
RE: Snort MySQL problem Neil Fryer
RE: Portscans not displayed in ACID? Peters, Michael D.
gen-msg.map additions? Peters, Michael D.
RE: Alert Testing Warner Joseph
Re: Snort 2.1.0 rules won't update in SnortCenter Jason Alexander
RE: Snort MySQL problem Neil Fryer

Sunday, 25 January

Re: Attack Detection: Then what M. Morgan

Monday, 26 January

RE: Snort MySQL problem Schmehl, Paul L
Answered my own question (mysql support).. chris
cost/benefit analysis of running Snort Tom Fulton
alert_syslog plugin problem Gema de Toro Sánchez
non-root user cannot run snort Robert Storey
Re: non-root user cannot run snort Edin Dizdarevic
Security Event Management for Linux Josh Berry
Re: non-root user cannot run snort Erwin Van de Velde
Snort readng across switches? M. Morgan
Re: alert_syslog plugin problem James Nonya
Re: non-root user cannot run snort d_greenjr
Compromising Packet... Dusty Hall
Compromising Packet... Dusty Hall
RE: non-root user cannot run snort Grime, Richard S
sending paylog data (tcpdump formated) to more than 2 remote servers. samwun
location to download barnyard samwun
RE: snort: database: mysql_error: Duplicate entry Chris N
RE: Compromising Packet... Dusty Hall
Re: Snort readng across switches? Matt Kettler
New Worm / Virus - WORM_MIMAIL.R? sam
(no subject) jhally
Port or'ing Craig Mueller
(no subject) tony . williams

Tuesday, 27 January

It is like "guardian" but then not. Try "GateKeeper". Alon Noy
ACID / SnortSnarf Fred McFeeters
Re: non-root user cannot run snort Robert Storey
Re: non-root user cannot run snort Robert Storey
RE: New Worm / Virus - WORM_MIMAIL.R? CGhercoias
RE: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Jim Clews
Where Can i get any open standart for IDS Aaron Babalola
RE: Snort 2.1.0 rules won't update in SnortCenter Jeff Evenson
RE: New Worm / Virus - WORM_MIMAIL.R? Brian M. Diehl
FW: Alert Testing Warner Joseph
'mysql' support is not compiled...OH YES IT IS chris
Re: Where Can i get any open standart for IDS Keith W. McCammon
question tslighter
Re: non-root user cannot run snort Matt Kettler
Re: non-root user cannot run snort Edin Dizdarevic
Re: 'mysql' support is not compiled...OH YES IT IS Bamm Visscher
Excluding Ip from Alert logging! Gabriel Moricz
Re: 'mysql' support is not compiled...OH YES IT IS Matt Southworth
Excluding Ip from Alert logging! Gabriel Moricz
Status of IDMEF support? Joshua Wright
Re: Excluding Ip from Alert logging! Edin Dizdarevic
Re: Status of IDMEF support? Joe McAlerney
[Snort-users]Problem with configuration jim_patterson
RE: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Jim Clews
Snort 2.0.6 fails to close portscan.log on SIGHUP Bill McCarty
Needed: sample stunnel 4.04 stunnel.conf files Witt, Allen
Re: 'mysql' support is not compiled...OH YES IT IS chris
snort 2.1.0 bugs ? Koay Yee Chen
RE: [Snort-sigs] Signature for "W32_Novarg_SCO_DOS" larosa, vjay
Snort errors on startup -- rules related? Ben Beeson
same tcpdump.log to remote log server instead of local sensor samwun
Multihomed Sensor mailing-list
snort 2.1.0 bugs ? Koay Yee Chen
RE: Snort readng across switches? SN ORT
Info Neil Fryer
2 class C network Greg Chu
Re: Signature question... Jeff Penn
Re: non-root user cannot run snort Robert Storey

Wednesday, 28 January

Why resp and session option Dont work!? soldier Mx
AW: Status of IDMEF support? Poppi, Sandro
Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Bryan Irvine
Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Joe Stewart
Re: Updating new virus signatures Michael . Mulholland
Re: same tcpdump.log to remote log server instead of local sensor Frank Knobbe
Hwscnqybfzr tony . williams
RE: same tcpdump.log to remote log server instead oflocal sensor samwun
RE: same tcpdump.log to remote log server instead oflocal sensor samwun
RE: Multihomed Sensor Kreimendahl, Chad J
RE: Multihomed Sensor Dean Davis
RE: Multihomed Sensor Kreimendahl, Chad J
Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? sam
It is like "guardian" but then not. Try "GateKeeper". Alon Noy
RE: Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Brian Gregorcy
Temporary "solution" to MyDoom worm Fabio Bastiglia Oliva
RE: Multihomed Sensor DeBerry, Casey
Here are my updated MyDoom/MIMAIL.R and Variant signatures for Snort sam
bravo tslighter
Re: Needed: sample stunnel 4.04 stunnel.conf files twig les
Re: Snort errors on startup -- rules related? Josh Berry
RE: Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Martin Jr., D. Michael
Origin 'Snort Alert' value in signature.sig_name field? Robert Craig
RE: Needed: sample stunnel 4.04 stunnel.conf files robert schwartz
[Fwd: Auto update of sigs (was: Novarg Virus)] bclark
Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? Bryan Irvine
Re: Temporary "solution" to MyDoom worm Fabio Bastiglia Oliva
Question about snortcenter on OpenBSD 3.4 Jon

Thursday, 29 January

Snort-2.1.0 and flexresp2 James Nonya
A manual-tutorial-txt-paper about RULE OPTIONS? and... soldier Mx
Re: non-root user cannot run snort Edin Dizdarevic
preprocessor flow-portscan Kevin Amorin
Multi-homed Sensor Enerio, Rico
cost/benefit of Snort uuyys84
About the ruletype syntax sutra
Order on snort rules Nadia Guerroumi
RE: Snort MySQL problem Schmehl, Paul L
Installing Snort on SuSe Linux machine John Ceballos-contr

Friday, 30 January

Any known isssues Ravi
Re: Multi-homed Sensor Michael Boman
Testing Snort-inline without any rules aravind babu
Snort-inline in embedded device aravind babu
RE: snort: database: mysql_error: Duplicate entry Warner Joseph
Re: Testing Snort-inline without any rules aravind babu
Re: preprocessor flow-portscan Chris Green
RE: Temporary "solution" to MyDoom worm snort-ml
Fw: Why logging the attacked one? Gabriel Moricz
Re: cost/benefit analysis of running Snort M. Morgan
GateKeeper for snort Alon Noy
RE: Installing Snort on SuSe Linux machine KS
Re[2]: Temporary "solution" to MyDoom worm Fabio Bastiglia Oliva
Re[2]: Temporary "solution" to MyDoom worm Fabio Bastiglia Oliva
snort 2.1 and stream4 snort user
FW: remote tcpdump output & analysis (database) McCash, John
Duplicate entries John Creegan
Re: About the ruletype syntax Brian
RE: MyDoom/Novarg Martin Jr., D. Michael
Re: Order on snort rules Edin Dizdarevic
Off topic- Your Favorite Linux Distro DeBerry, Casey
Re: Off topic- Your Favorite Linux Distro David Alonso De La Vega Tapage
RE: Off topic- Your Favorite Linux Distro Christopher Lyon
Re: snort 2.1 and stream4 Matt Kettler
MyDoom DOS detection hugh_fraser
Re: Off topic- Your Favorite Linux Distro Kristofer T. Karas
RE: Multi-homed Sensor Jim Hendrick
Why logging the attacked one? Gabriel Moricz
Re: Order on snort rules Jeremy Hewlett
Quick stupid question James Nonya
Segfault with snort 2.0 Jeff Kell
RE: same tcpdump.log to remote log server instead oflocal sensor Frank Knobbe
RE: Why logging the attacked one? Erickson Brent W KPWA
libmysqlclient.so.12 error when I start snort. John Brewer
[REPOST] Snort not loging on MySql Di Fresco Marco
Re: Quick stupid question Michael Boman

Saturday, 31 January

Please help here vasanth b
remote tcpdump output & analysis (database) McCash, John
Re: Quick stupid question ravivsn
Re: libmysqlclient.so.12 error when I start snort. Dirk Geschke
Re: payload clarification Jeremy Hewlett
Re: remote tcpdump output & analysis (database) Dirk Geschke
Re: Temporary "solution" to MyDoom worm Matt Kettler
Re: Segfault with snort 2.0 James Edwards
Re: Installing Snort on SuSe Linux machine Tim Sutinen
Re: Off topic- Your Favorite Linux Distro Mark Nipper
How to add preprocessor? Gema de Toro Sánchez
RE: Snort-users] Here are my updated MyDoom/MIMAIL.R and Variant signatures for Sam Evans
Re: Snort-inline in embedded device ravivsn
RE: Please help here Mark E. Donaldson
Re: Off topic- Your Favorite Linux Distro Paul Schmehl
snort 2.1 & stream4 snort user
Re: Quick stupid question Dragos Ruiu
RE: Multihomed Sensor mailing-list
Hopefully someone else has a better grasp on HTTP/_Inspect Jason Kolberg
RE: Off topic- Your Favorite Linux Distro Erek Adams
Re: non-root user cannot run snort Brian
How to modify the signature reference in sid-msg.map Jinqiao Yu
How to modify the signature reference in sid-msg.map Jinqiao Yu
Re: 2 class C network Jeff
Re: Segfault with snort 2.0 Erek Adams
RE: snort: database: mysql_error: Duplicate entry Hutchinson, Andrew
Re: Installing Snort on SuSe Linux machine Alexandr
Any known isssues Ravi
Snort Performance issues Marc Quibell
Why logging the attacked one? Gabriel Moricz
Re: Hopefully someone else has a better grasp on HTTP/_Inspect Erek Adams
Re: Multi-homed Sensor Marc Spitzer
Re: Why resp and session option Dont work!? Jeremy Hewlett
Re: Snort-inline in embedded device Matt Kettler

Sunday, 01 February

idea for detection of rouge nodes? Fred McFeeters
Using ACID with Snort 2.1.0? Michael Steele
Re: [Looking for] Open source reporting tool Michael Boman
Re: Off topic- Your Favorite Linux Distro Tim Sutinen
regarding snort rules naganandas
[Looking for] Open source reporting tool Aaron
Ethernet Tap Question smbrown
Replicated sensors? Toby Rodwell
Re: idea for detection of rouge nodes? James Edwards
SnortCenter probelms Toby Rodwell
looking for working 2.1.0 Troy Jordan
Content scanning Heinrich vanRiel
Re: Off topic- Your Favorite Linux Distro M. Morgan
Paul CTR Passey is no longer supporting the CSIRC Paul . CTR . Passey
Re: regarding snort rules Ravi

Monday, 02 February

Viirus rules Michael . Mulholland
CFP - ESORICS 2004 - Call for Papers Fabien Pouget
CFP - RAID 2004 - Call for Papers Fabien Pouget
snort and mysql unknown index
RUXCON Call For Papers rux
Snort not loging on MySql Di Fresco Marco
RE: Re: [Snort-sigs] New Worm / Virus - WORM_MIMAIL.R? SN ORT
[REPOST] Snort not loging on MySql Di Fresco Marco
Re: Snort-users] Here are my updated MyDoom/MIMAIL.R and Variant signatures for SN ORT
Snort 2.1.0 mysql plug-in Bill-IS . Dixon
Snort performance SN ORT
SNORT and Linux 8.0 Michael Karl
Re: SNORT and Linux 8.0 Edin Dizdarevic
Re: snort and mysql Edin Dizdarevic
RE: SNORT and Linux 8.0 Shaffer, Paul D
retrieve IDS from unix sock Matteo
RE: SNORT and Linux 8.0 PPowenski
RE: SNORT and Linux 8.0 John Creegan
Re: Viirus rules Matt Kettler
Re: Ethernet Tap Question M. Morgan
RE: snort: database: mysql_error: Duplicate entry John Creegan
RE: SNORT and Linux 8.0 Dave Randolph
RE: SNORT and Linux 8.0 Thompson, Jimi
RE: Snort not loging on MySql Michael Steele
RE: Snort performance Michael Steele
Snort dropping packets KS
Re: SNORT and Linux 8.0 Andy Richter
RE: Ethernet Tap Question CGhercoias
W32.Novarg.A@mm worm Work!, but.... Snortty
Re: SNORT and Linux 8.0 Keith W. McCammon
RE: SNORT and Linux 8.0 robert schwartz
RE: SNORT and Linux 8.0 Jim Hendrick
RE: SNORT and Linux 8.0 Matt Kettler
Re: Snort dropping packets Matt Kettler
How are alerts being logged? Peggy Kam
What to do with malicius encrypted code!??i soldier Mx
RE: SNORT and Linux 8.0 Nick Duda
Re: [Looking for] Open source reporting tool Aaron
RE: SNORT and Linux 8.0 Shaffer, Paul D
Correct version of libpcap? Sheahan, Paul
Help needed with logs Peggy Kam
Re: How are alerts being logged? Erek Adams
Re: Correct version of libpcap? Erek Adams
Re: Snort dropping packets Erek Adams
RE: SNORT and Linux 8.0 Erek Adams
monitoring only occuring on snort host Ted Iglehart
DNS server keeps communicating with Darkprofits.net and darkprofits.com Marlon . Richards
Re: DNS server keeps communicating with Darkprofits.net and darkprofits.com Sean Lazar
RE: idea for detection of rouge nodes? Fred McFeeters

Tuesday, 03 February

RE: SNORT and Linux 8.0 PPowenski
Re: Help needed with logs Michael Boman
Obtain CVE id from unix sock output of Snort Matteo
setting up Snort for the first time Richard Worwood
Re: DNS server keeps communicating with Darkprofits.net and darkprofits.com Ben Nelson
Re: monitoring only occuring on snort host Matt Kettler
Re: Correct version of libpcap? Christian Ehlen
snapshot layouts on snort.org Brian
Re: Obtain CVE id from unix sock output of Snort Brian
Re: What to do with malicius encrypted code!??i Matt Kettler
RE: DNS server keeps communicating with Darkprofits.net and darkprofits.com Grime, Richard S
Re: setting up Snort for the first time bclark
how to start to read the snort source code Tao Peng
Re: how to start to read the snort source code Matt Kettler
Help with a new rule to detect web traffic Chris Hoover
RE: Obtain CVE id from unix sock output of Snort Biswas, Proneet
Re: snapshot layouts on snort.org Andreas Östling

Wednesday, 04 February

Re: *BSD performance (was:Correct version of libpcap?) Martin Olsson
Snort Mysql Acid Combo Sam Osuala
Question on snort redirecting WAN FAT WU
snort and honeypot WAN FAT WU
Re: Snort Mysql Acid Combo Martin Olsson
Re: setting up Snort for the first time Christian Ehlen
Re: Snort Mysql Acid Combo Sam Osuala
Re: Snort Mysql Acid Combo Mark Fagan
Re: Snort Mysql Acid Combo Martin Olsson
one IP Keming
Re: Snort Mysql Acid Combo Sam Osuala
Re: Snort Mysql Acid Combo Sam Osuala
Re: Question on snort redirecting Jack Whitsitt (jofny)
Re: Snort Mysql Acid Combo M. Morgan
Does barnyard work with snort2.1.0? David
Re: Does barnyard work with snort2.1.0? Bamm Visscher
Port scans not showing up in ACID. Peters, Michael D.
drowning in http inspect NON RFC character alerts John York
Duplicate alerts John Creegan
RE: Snort Mysql Acid Combo Michael Steele
Re: one IP Matt Kettler
Re: Snort Mysql Acid Combo Josh Berry
Email Notification Methods? M. Morgan
Re: Snort Mysql Acid Combo Nick Oliver
error start snort metthewm
Re: Question on snort redirecting Owen McCusker
Re: Email Notification Methods? Dirk Geschke
Snort 2.1.1-RC1 Available Jeremy Hewlett
Re: snort and honeypot Skip Carter
RE: Email Notification Methods? Michael Steele
RE: Port scans not showing up in ACID. Michael Steele
Re: Question on snort redirecting Matt Kettler

Thursday, 05 February

Scan Nmap, Multicast Address Özgüç Bayrak
attack simulation Bini Mary Thomas
RE: Port scans not showing up in ACID. John Creegan
Re: [Snort-devel] Snort 2.1.1-RC1 Available snortdev
syslog messages Henri Chevallier
Deleted FTP signatures Yanyan Yang
RE: drowning in http inspect NON SN ORT
Email Notification Methods? Jason Baeder
RE: Email Notification Methods? Peters, Michael D.
RE: Re: *BSD performance (was:Correct version of libpcap?) Bradberry, John
RE: syslog messages Erik Mintz
oinkmaster.pl - Unable to download rules, Why?? Snortty
Re: Does barnyard work with snort2.1.0? David
RE: syslog messages Nick Duda
Re: oinkmaster.pl - Unable to download rules, Why?? Andreas Östling
RE: oinkmaster.pl - Unable to download rules, Why?? Schmehl, Paul L
RE: Port scans not showing up in ACID. John Creegan
RE: Port scans not showing up in ACID. John Creegan
Re: oinkmaster.pl - Unable to download rules, Why?? Timm Schneider
snort-2.1.0 upgrade error Peggy Kam
Re: drowning in http inspect NON RFC character alerts Jeremy Hewlett
Re: snort-2.1.0 upgrade error Jeremy Hewlett
Aberrant alerts with snort 2.1.0 build 9 John Sage
Re: snort-2.1.0 upgrade error Peggy Kam
RE: Port scans not showing up in ACID. John Creegan
Re: Aberrant alerts with snort 2.1.0 build 9 Jeremy Hewlett
How Safe: Construction and Use of a Passive Ethernet Tap bwood-lists
cross over cables Brian
snortrules-snapshot-2_1.tar.gz and flowbits? David Gianndrea
Network Bypass Josh Berry
RE: Port scans not showing up in ACID. Michael Steele
RE: one IP JP Vossen
RE: Help with a new rule to detect web traffic JP Vossen

Friday, 06 February

react: block not working Micheal.Cottingham
Has any one tried SnorcCenter with Snort 2.1.1-RC1? crazy
Re: react: block not working Matt Kettler
Variables: How to read SN ORT
Snort Variables SN ORT
Re: snortrules-snapshot-2_1.tar.gz and flowbits? Brian
Re: react: block not working Matt Kettler
Snort Sensor Stiles, Eric
alert_syslog Peggy Kam
Re: Snort Variables Matt Kettler
MyDoom Outbound Impossible Detects McCash, John
Re: alert_syslog Josh Berry
Re: alert_syslog Peggy Kam
Re: Snort Sensor M. Morgan
Re: react: block not working Micheal.Cottingham
Re: alert_syslog Owen McCusker
RE: Snort Variables bmcdowell
Sneeze Peggy Kam
Re: MyDoom Outbound Impossible Detects Chris Keladis
Re: MyDoom Outbound Impossible Detects McCash, John
RE: MyDoom Outbound Impossible Detects John York
Re: Snort Sensor Erek Adams

Saturday, 07 February

Re: Re: *BSD performance (was:Correct version of libpcap?) Christian Ehlen
WINSNORT.com Announcement: MANDRAKE 9.2 Install Guide added Michael Steele
Bug: $eth0_ADDRESS parse error (FIXED?) Tom Barcellona
Has any one tried SnorcCenter with Snort 2.1.1-RC1? crazy
Re: Bug: $eth0_ADDRESS parse error (FIXED?) Erek Adams
Re: Bug: $eth0_ADDRESS parse error (FIXED?) Tom Barcellona
Re: Bug: $eth0_ADDRESS parse error (FIXED?) Erek Adams

Sunday, 08 February

anything wrong with arpspoof preprocessor? Shoelace
Document for Snort 2.1.0 on Fedora Core 1 Patrick S. Harper
Re: Snort 2.1.0, getting mixed up signatures. Jason Haar
IDS Design Help Jake Rog
PLEASE HELP HERE. vasanth b

Monday, 09 February

RE: PLEASE HELP HERE. Jim Hendrick
Problem with Snort-inline aravind babu
Help!! Problem testing Snort Gema de Toro Sánchez
Re: Problem with Snort-inline ravivsn
Re: Help!! Problem testing Snort ravivsn
invalid event id, eventlog, win32 Daniel Guido
snort and Tru64 Darryl Cook
Re: PLEASE HELP HERE. M. Morgan
Re: IDS Design Help Richard Bejtlich
IIS UNICODE Attack? WAN FAT WU
Re: invalid event id, eventlog, win32 Chris Reid
Need help with Sneeze Peggy Kam
Re: Snort 2.1.0, getting mixed up signatures. Erek Adams
RE: invalid event id, eventlog, win32 Michael Steele
IDS Policy Manager 1.4.0 Beta Released Jeff Dell
Re: [rpms] snort-mysql rpm JP Vossen
Re: Need help with Sneeze ravivsn
Snort+Prelude Reporting DoS advisory Gene Gomez
ACID bug ?: changing pages within query result Vines Scott D 2d Lt AFFTC/IT
Re: Has any one tried SnorcCenter with Snort 2.1.1-RC1? Jason Alexander
SNORT (Linux) / MySQL (Win32) MVIBE
ACID Oliver
Re: Snort 2.1.0, getting mixed up signatures. Skip Carter
RE: IDS Design Help hugh_fraser
HOME_NET msalmanf
Re: SNORT (Linux) / MySQL (Win32) JP Vossen

Tuesday, 10 February

Re: HOME_NET James Riden
problem logging Elena Escolano Torner
DShield Information Dusty Hall
Re: HOME_NET Matt Kettler
Re: problem logging M. Morgan
Duplicate key errors in ACID John Creegan
RE: SNORT (Linux) / MySQL (Win32) Michael Steele
Re: problem logging Elena Escolano Torner
Re: problem logging Jeff Kell
false positive generator Peggy Kam
Re: false positive generator twig les
Duplicates in ACID John Creegan
Re: false positive generator Matt Kettler
Re: SNORT (Linux) / MySQL (Win32) MVIBE
Re: SNORT (Linux) / MySQL (Win32) M. Salman Farisi
RULES -> Unknown ClassType: MVIBE
Re: RULES -> Unknown ClassType: Brian
RE: RULES -> Unknown ClassType: Michael Steele
Re: RULES -> Unknown ClassType: MVIBE
MySQL signatures escaped unneccesarily? Rick Johnson
Re: false positive generator Ravi
snort.conf and startup variables Derek (X-Networks)
Configuring snort.conf James Chong

Wednesday, 11 February

Re: false positive generator Dirk Geschke
Re: false positive generator Dirk Geschke
RE: false positive generator Bob Walder
Re: false positive generator Dirk Geschke
RE: false positive generator Bob Walder
Re: false positive generator Dirk Geschke
RE: SNORT (Linux) / MySQL (Win32) Fred McFeeters
Re: snort.conf and startup variables Erek Adams
Re: Configuring snort.conf Erek Adams
SNORT Rule for netbios brute force break-in Robert Caplan
RE: SNORT Rule for netbios brute force break-in Shaffer, Paul D
Re: MyDoom Outbound Impossible Detects McCash, John
snort sending snmp traps naganandas
Re: MyDoom Outbound Impossible Detects McCash, John
IPless interface on Debian... Tobias Rice
SNORT Rule for netbios brute force break-in Robert Caplan
old versions of snort? Karl Sjödahl
Plugin Ragip Yahsieli
-T option error crazy
RULES -> Unknown Classtype: VIBE
how to start snort as service ( with normal user priv. ) Antje Schlüschen
Documentation!! SN ORT
Re: old versions of snort? Erek Adams
Re: -T option error Erek Adams
Re: SNORT (Linux) / MySQL (Win32) JP Vossen
Re: IPless interface on Debian... M. Morgan
Re[2]: -T option error Erek Adams
ASN.1 Signature Dragos Ruiu
Please virus scan your systems Vines Scott D 2d Lt AFFTC/IT
Re: Please virus scan your systems Keith W. McCammon
Re: Barnyard 0.1.0 and the "unable to find mysqlclient library" issue Jeff Nathan
Re: Please virus scan your systems Bryan Irvine
Re: -T option error Drew Smith
[Snort-announce] IDS Policy Manager 1.4.0 Beta Released Jeff Dell
Re: Re[2]: -T option error Drew Smith
filters Drew Smith
Re: Documentation!! Matt Kettler
Re: Documentation!! SN ORT
Re: Documentation!! Matt Kettler
Re: Please virus scan your systems Matt Southworth
Re: Please virus scan your systems Josh Berry
Re[3]: -T option error Erek Adams
Re: Please virus scan your systems Matt Kettler
Re: Re[2]: -T option error Erek Adams
Re: filters Matt Kettler
Re: IPless interface on Debian... Tobias Rice
snort-2.2.1-RC1 compile error Ken Bergquist
ACID PHP MYSQL ERROR MVIBE
Re: Please virus scan your systems Drew Smith
Re: filters Drew Smith
Re: Snort-users] ACID PHP MYSQL ERROR MVIBE
Re: ACID PHP MYSQL ERROR Drew Smith
RE: SNORT Rule for netbios brute force break-in larosa, vjay
RE: Re: Snort-users] ACID PHP MYSQL ERROR Michael Steele

Thursday, 12 February

RE:Subject: IPless interface on Debian... Holger . Woehle
Some thoughts on IDS types - request for clarification :) Emre Bastuz
Re[3]: -T option error crazy
Re[4]: -T option error crazy
Re[2]: -T option error crazy
ACID PHP MYSQL ERROR VIBE
snort-2.2.1-RC1 compile error Ken Bergquist
snort-2.2.1-RC1 compile error Ken Bergquist
Re[2]: Subject: IPless interface on Debian... Patrick Sitton
Re: Some thoughts on IDS types - request for clarification :) Matt Kettler
Integrate Snort with Remedy, Anyone Please??? Snortty
Re: Integrate Snort with Remedy, Anyone Please??? Owen McCusker
Question regarding creating rules in Snortcenter ... Michael Chapman
RE: Documentation!! Mike Koponick
Re: snort-2.2.1-RC1 compile error Jeremy Hewlett
RE: Some thoughts on IDS types - request for clarif ication :) Darden, Patrick S.
RE: Integrate Snort with Remedy, Anyone Please??? Noble, Kevin
RE: Documentation!! SN ORT
RE: Documentation!! Michael Steele
[Snort-users]Microsoft Vulnerability in Microsoft ASN.1 (KB828028) signature CGhercoias
RE: SNORT (Linux) / MySQL (Win32) robert schwartz
Updating Rules? Dusty Hall
Email Syed Ali
Re: Integrate Snort with Remedy, Anyone Please??? Jeff Nathan
RE: Updating Rules? Vines Scott D 2d Lt AFFTC/IT
RE: Updating Rules? John Creegan
Re: Updating Rules? Andy Richter
Re: Updating Rules? Andreas Östling
RE: Email Michael Steele
Re: Updating Rules? Dusty Hall
Re: snort-2.2.1-RC1 compile error Ken Bergquist
RE: Updating Rules? Paul Schmehl
RE: ACID DeBerry, Casey
Re: Updating Rules? Paul Schmehl
RE: ACID Michael Steele
Re: SNORT (Linux) / MySQL (Win32) JP Vossen

Friday, 13 February

Re[4]: -T option error Erek Adams
snort tsnmp trap naganandas
RE: Email Nick Duda
Flexresp is not working Dmitry
Re: snort-2.2.1-RC1 compile error Jeremy Hewlett
(spp_frag2) Oversized fragment, probable DoS Finney Charles E
header/alert mixup bug(s) in snort 2.1.0? McCash, John
Not alerting TCP. Mark Zerr
snort rules with OS info? Susan Coulter
Re: Flexresp is not working Eduardo E. Silva
Snort logging way too much Ochronus
Re: snort-2.2.1-RC1 compile error Martin Roesch
Re: (spp_frag2) Oversized fragment, probable DoS Martin Roesch
Re: snort rules with OS info? Martin Roesch
Re: Snort logging way too much Martin Roesch
Re[2]: Snort logging way too much Ochronus

Saturday, 14 February

Trouble compiling Snort-2.1.0: snprintf.c Tomasz Piotr Palarz
Mysql is collecting data from snort, Acid won't display it. Wally Bedford
RE: Mysql is collecting data from snort, Acid won't display it. Michael Steele

Sunday, 15 February

RE: Mysql is collecting data from snort, Acid won't display it. Wally Bedford
preprocessor arpspoof, help! Daniel Ascensão
RE: preprocessor arpspoof, help! Daniel Ascensão
no problem installing snort, winpcap -- but.... b0b39-prgmr
Trouble compiling Snort-2.1.0: snprintf.c (fwd) Tomasz Piotr Palarz
Different Portscan format under 2.1.0 to 2.0.5 Stephen Meatheringham
Re: Different Portscan format under 2.1.0 to 2.0.5 M. Salman Farisi
Re[2]: Snort logging way too much Ochronus

Monday, 16 February

ACID and delete alerts cc
Rules for Adware Darden, Patrick S.
arp preprocessor Daniel Ascensão
preprocessor arpspoof, help! Daniel Ascensão
Question Israel_Guadalupe_Lopez_Mascorro . . /Administracion/Jalisco
Difference Portscan format under 2.1.0 to 2.0.5 Stephen Meatheringham
Re[6]: -T option error crazy
RE: ACID and delete alerts Michael Steele
Block Israel_Guadalupe_Lopez_Mascorro . . /Administracion/Jalisco
(no subject) Finney Charles E
Reserved characters in msg:"..."? John Sage
Re: Block M. Morgan
Re: snort-2.2.1-RC1 compile error Ken Bergquist
RE: Reserved characters in msg:"..."? CGhercoias
Re: Block Matt Kettler
Re: Block Paul Schmehl
Snort and VPN Bala Ayres
Re: Block Frank Knobbe
Re: Block Frank Knobbe
Re: Snort and VPN Matt Kettler
Re: Block Paul Schmehl
Re: Snort and VPN Bala Ayres
Re: Snort and VPN Matt Kettler
Re: Block Brian
Re: ACID and delete alerts cc

Tuesday, 17 February

RE: ACID and delete alerts Michael Steele
Re: Block Matt Kettler
snort alerts Bala Ayres
Re: Reserved characters in msg:"..."? Martin Roesch
Michael Mulholland/ISU/DFP is out of the office. Michael . Mulholland
Re: ARPSpoof! Jeff Nathan
Questions on traffic crtech
Re: ACID and delete alerts cc
anomalous http server cc
Re: ARPSpoof! Jeff Nathan

Wednesday, 18 February

New snort rule for WORM_NETSKY.B yet PLEASE??? Snortty
Re: anomalous http server Matt Kettler
Re: New snort rule for WORM_NETSKY.B yet PLEASE??? Matt Kettler
Snort in VMware Brian McNeilly
RE: Snort in VMware Douglas McCrea
Re: Snort in VMware M. Morgan
Change path for compiler Rowland, Krisa W ERDC-ITL-MS Contractor
Re: Change path for compiler Matt Kettler
Re: Snort in VMware Jeff
Why ionkmaster dont really upgrade rules,,? soldier Mx
NetSky worm signature definition...!!! Semerjian, Ohanes

Thursday, 19 February

ACID default display method Jason Humes
http insect Adams, Chris
Change path for compiler Rowland, Krisa W ERDC-ITL-MS Contractor
Re: Snort in VMware Stephen W. Thompson
RE: Snort in VMware DM
Snort failing to start... Jason Humes
Re: Snort failing to start... Joe Oligny
Re: Snort in VMware Brian McNeilly
Re: Snort in VMware M. Morgan
Re: Snort failing to start... Matt Kettler
Re: Snort in VMware Mark Fagan
config PHP for Snort in RH9 David Alonso De La Vega Tapage
OT New information about clamav Paul Schmehl
Re: config PHP for Snort in RH9 Mark Fagan
RE: config PHP for Snort in RH9 Jason Humes
OT: Re: Snort in VMware/hubs Jeff
Re: config PHP for Snort in RH9 David Alonso De La Vega Tapage
RE: config PHP for Snort in RH9 Jason Humes
Re: config PHP for Snort in RH9 David Alonso De La Vega Tapage
RE: NetSky worm signature definition...!!! Tim Hergert
RE: NetSky worm signature definition...!!! Shane Williams
how to enable portscan alert M. Salman Farisi
RE: NetSky worm signature definition...!!! Semerjian, Ohanes
Performance Question Martin Bündgens
Re: config PHP for Snort in RH9 mel
Re: how to enable portscan alert twig les
Re: Performance Question twig les
New version (1.3) of SnortSlinger available Ben Nelson

Friday, 20 February

Re: OT New information about clamav Matt Kettler
Re: OT New information about clamav Paul Schmehl
Snort on Linux with no IP Brian McNeilly
Re: New version (1.3) of SnortSlinger available M. Salman Farisi
Re: Snort on Linux with no IP James Riden
Re: Snort on Linux with no IP Erek Adams

Saturday, 21 February

Please post a good Nachi.B Signature Dan
Re: Please post a good Nachi.B Signature Erek Adams
Re: Please post a good Nachi.B Signature Dan
Re: Please post a good Nachi.B Signature James Riden
Re: New version (1.3) of SnortSlinger available Ben Nelson

Sunday, 22 February

SQUID scan proxy attempt Fabio Viero
Source IP 173.80.0.0 Ed
Re: Please post a good Nachi.B Signature Jason Haar
(no subject) sumit vora
Re: (no subject) Keith W. McCammon
Simple configuration Mario Guerendo
RE: Simple configuration Mark E. Donaldson
Compiling mysql support into snort and barnyard Mark Olbert
barnyard file reading question Mark Olbert
Re: Compiling mysql support into snort and barnyard Rahul

Monday, 23 February

Re: Compiling mysql support into snort and barnyard Dirk Geschke
Re: barnyard file reading question AJ Butcher, Information Systems and Computing
RE: Snort on Linux with no IP Grejda, Eric
Re: Snort in VMware Michael Stone
Re: Please post a good Nachi.B Signature SN ORT
2.1.0 compile problems and primary development platform Williams Jon
RE: Snort on Linux with no IP Mark Fagan
Re: Snort on Linux with no IP Brian McNeilly
Re: Snort on Linux with no IP Tony Fraser
ACID Israel_Guadalupe_Lopez_Mascorro . . /Administracion/Jalisco
RE: 2.1.0 compile problems and primary development platform Schmehl, Paul L
ACID Israel_Guadalupe_Lopez_Mascorro . . /Administracion/Jalisco
RE: ACID Fred McFeeters
(no subject) marcio
Odd alert on /bin/chmod rule GJ Philput
barnyard question Mark Olbert
Snort problem with postgresal Mario Soto Cordones
Remotely monitor a switch port... Ridlon, Michael
ERROR: unknown preprocessor "ø~_decode" Mario Soto Cordones
Puresecure... Ridlon, Michael
Newbie Notes and Question on Rule Creation Mark Olbert
DB SNORT Israel_Guadalupe_Lopez_Mascorro . . /Administracion/Jalisco
RE: Puresecure... Shaffer, Paul D
RE: DB SNORT Shawn Kottke
snortsam problem ultan lankford
Re: snortsam problem Frank Knobbe
RE: DB SNORT HuMPie
make: Fatal error in reader: Makefile, line 484: Unexpected end o f line seen Semerjian, Ohanes
Re: [Snort-users] ERROR: unknown preprocessor "ø~_decode" Rahul
Re: make: Fatal error in reader: Makefile, line 484: Unexpected end o f line seen Erek Adams
Re: Remotely monitor a switch port... Erek Adams
Re: Remotely monitor a switch port... JP Vossen
Re: 2.1.0 compile problems... JP Vossen
Brian Denicola/US/ABNAMRO/NL is out of the office. brian . denicola

Tuesday, 24 February

HTTP session packet capture seems borken Bill McCarty
Problem compiling Snort 2.1.1 and 2.1.0 on old RedHat 6.2 based system Jan Hugo Prins
Snort Wireless and BSD A. Wright
Re: Snort-users digest, Vol 1 #3994 - 10 msgs ultan lankford
I have a problem with snort.conf Guillermo Andres Gómez
SQUID scan proxy attempt Fabio Viero
ACID Israel_Guadalupe_Lopez_Mascorro . . /Administracion/Jalisco
Re: Snort on Linux with no IP Yonah Russ
Short UDP Packet FG12sqTSS
Re: ACID Scott Elgram
Bad Loop Back Traffic Scott Elgram
snort+snmp traps naganandas
Re: Source IP 173.80.0.0 ypwhich
Flowbits Douglas McCrea
Re: Remotely monitor a switch port... Ridlon, Michael
Re: [Snort-sigs] Reporting false positive for Snort rule Josh Berry
RE: Flowbits Peters, Michael D.
RE: Snort on Linux with no IP Schmehl, Paul L
RE: [elvandar] Re: Snort on Linux with no IP Remko Lodder
SNORT IN MULTIPLE INTERFACE CARD Mario Soto Cordones
Re: Bad Loop Back Traffic bclark
Re: Bad Loop Back Traffic Mat Harris
Re: Flowbits Joe Matusiewicz
Re: Snort-users digest, Vol 1 #3997 - 11 msgs Nigel Houghton
Re: Remotely monitor a switch port... JP Vossen
Re: flowbits adam
RE: Remotely monitor a switch port... Chris Calaf
RE: Bad Loop Back Traffic Finney Charles E
Re: RE: Bad Loop Back Traffic James Nonya
Re: Re: flowbits Andreas Östling
Re: Snort on Linux with no IP Gabriel L. Somlo
RE: Re: flowbits Douglas McCrea
Re: Bad Loop Back Traffic Frank Knobbe
RHWS/Snort/Bonding Brian M. Diehl
RE: I have a problem with snort.conf Neil Fryer
RE: SQUID scan proxy attempt Wally Bedford
Install of Snort2.1.1 Brad Rose
Re: Install of Snort2.1.1 cc
Re: flowbits adam
Re: I have a problem with snort.conf Rahul
Re: I have a problem with snort.conf twig les
Re: I have a problem with snort.conf Rahul
RE: Snort on Linux with no IP ypwhich

Wednesday, 25 February

Re: Bad Loop Back Traffic Scott Elgram
Re: RE: Bad Loop Back Traffic Scott Elgram
xdecode Install of Snort2.1.1 Brad Rose
Re: Bad Loopback Traffic bclark
Snort Deployment Suggestions Tom Riley
Strange Traffic to 10.0.1.128 Dusty Hall
Building snort w/ mysql support BCalvert
Re: Snort Deployment Suggestions Josh Berry
Snort 2.1.1 final is available! Jeremy Hewlett
Garbling FTP alerts Gary_Portnoy
Re: Bad Loop Back Traffic SN ORT
RE: [Snort-devel] Snort 2.1.1 final is available! Kumar, Manoj
RE: [Snort-devel] SNORT has memory leak on Linux Red hat 9 Kumar, Manoj
RE: Snort Deployment Suggestions Kreimendahl, Chad J
FLOW question Steven Suppe
RE: Building snort w/ mysql support Koren, Alexander
RE: Building snort w/ mysql support M. Salman Farisi
Segfault on fun funy rule Jason Monroe "JC"
RE: Snort Deployment Suggestions Josh Berry
RE: Building snort w/ mysql support Mark E. Donaldson
Re: Segfault on fun funy rule Erek Adams
Error snort -c -T /etc/snort/snort.conf M. Salman Farisi

Thursday, 26 February

Re: Segfault on fun funy rule Jason Monroe "JC"
configure option "enable-linux-smp-stats" Nerijus Krukauskas
Problem with building snort-2.1.1 on rh7.0 boka
snort.conf questions NEWELL Craig -TSDC
Re: Error snort -c -T /etc/snort/snort.conf Bennett Todd
[ANNOUNCE] Demo Version of SENTINIX NOW Available! Bob Radvanovsky
Re: Error snort -c -T /etc/snort/snort.conf Bennett Todd
SNORT and VLans Puetz, Christoph
snortdb-extra.gz Bob Von Ilten
RE: snortdb-extra.gz Shawn Kottke
Re: SNORT and VLans twig les
Re: Problem with building snort-2.1.1 on rh7.0 - solved boka
RE: SNORT and VLans Martin Jr., D. Michael
Snort 1U Appliance for Sale on EBay Nicholas Bachmann
Re: SNORT and VLans Jason Haar
RE: make: Fatal error in reader: Makefile, line 484 : Unexpected end o f line seen Semerjian, Ohanes

Friday, 27 February

alert refused to pass Jasmine CHUA
RE: alert refused to pass Jasmine CHUA
snort logging outbound traffic Ochronus
Alerts of "(http\_inspect) NON-RFC DEFINED CHAR" Gabriel Assis Amancio
Re: Alerts of "(http\_inspect) NON-RFC DEFINED CHAR" M. Salman Farisi
SNORT has memory leak on Linux Red hat 9 Kumar, Manoj
Re: [Snort-devel] SNORT has memory leak on Linux Red hat 9 Ian Macdonald
Snort Deployment Suggestions Tom Riley
Page not available Lynn
P2P Rules and Sending TCP Resets. Rob Ward
Re: Bad Loop Back Traffic Scott Elgram
RE: P2P Rules and Sending TCP Resets. Chas Tomlin
Re: Alerts of "(http\_inspect) NON-RFC DEFINED CHAR" Jeremy Hewlett
Re: make: Fatal error in reader: Makefile, line 484 : Unexpected end o f line seen Jeremy Hewlett
Re: configure option "enable-linux-smp-stats" Jeremy Hewlett
Adware/Malware Rules List Darden, Patrick S.
RE: [Snort-devel] SNORT has memory leak on Linux Red hat 9 Kumar, Manoj
RE: Snort 1U Appliance for Sale on EBay Kreimendahl, Chad J
New Snortcenter 2.x Jason Alexander
Adware/Malware Rules List V2 Darden, Patrick S.
Re: Bad Loop Back Traffic Mark . Schutzmann
RE: Page not available Michael Steele
Re: Alerts of "(http\_inspect) NON-RFC DEFINED CHAR" Kristofer T. Karas
Newbie Jim Brown
Re: Snort 1U Appliance for Sale on EBay Brian
Re: SNORT has memory leak on Linux Red hat 9 ypwhich
Re: SNORT has memory leak on Linux Red hat 9 twig les
Re: Newbie Josh Berry
Re: P2P Rules and Sending TCP Resets. Josh Berry
Re: Snort 1U Appliance for Sale on EBay Frank Knobbe
Re: Snort 1U Appliance for Sale on EBay Nicholas Bachmann
TCP Resets Josh Berry
Re: TCP Resets twig les
Re: TCP Resets Josh Berry
Re: TCP Resets Jeff Kell
Re: TCP Resets Josh Berry

Saturday, 28 February

Newbie Jim Brown
Segmentation fault after installing 2.1.1 (and 2.1.1RC1). Bo Jacobsen
Re: Segmentation fault after installing 2.1.1 (and 2.1.1RC1). Bo Jacobsen
RE: Newbie Michael Steele
Re: TCP Resets Gary Flynn
Newbie Jim Brown

Sunday, 29 February

ACID gives erroneous information Erwin Van de Velde
Re: ACID gives erroneous information Josh Berry
Re: ACID gives erroneous information Erwin Van de Velde
RE: Adware/Malware Rules List Jerry Shenk
RE: Adware/Malware Rules List Mark E. Donaldson
double decoding attack Mark Olbert
Help with snort message Ben Beeson

Monday, 01 March

ACID modification cc
RE: ACID modification Michael Steele
acid error boka
RE: Snort 1U Appliance for Sale on EBay Keith Pachulski
Re: acid error Thomas Bechtold
Acid/Snort not logging UDP packets Jim Brown
Re: acid error boka
Re: Acid/Snort not logging UDP packets Josh Berry
Snort/mysql/acid and dshield.org Miner, Jonathan W
Quick snortsam question James Nonya
Re: Snort/mysql/acid and dshield.org Dusty Hall
snort doesn't write to mysql Ochs, Pam
snort postgresql rpm problem Jon Doe
how to remove snort completely santosh kamble
(error) error installing snort with mysql support santosh kamble
Newbie question: needed PC specs and performance R . Welz
Newbie question: needed PC specs and performance R . Welz
how to add new function to snort ow to use debug option Gaurav_Jindal
snort doesn't write to mysql Ochs, Pamela T [Contr (HPTI)]
More TCP Reset Questions Josh Berry
RE: Newbie question: needed PC specs and performance Fred McFeeters
RE: SNORT has memory leak on Linux Red hat 9 SN ORT
Re: More TCP Reset Questions Bamm Visscher
RE: snort postgresql rpm problem Thompson, Jimi
mostly an (my)sql question. John
RE: Newbie question: needed PC specs and performance CGhercoias
Re: More TCP Reset Questions Matt Kettler
RE: mostly an (my)sql question. John
threshold and suppress ?? Andraz Sraka
Re: More TCP Reset Questions Josh Berry
Re: More TCP Reset Questions Matt Kettler
Re: snort doesn't write to mysql Josh Berry
No logs in MYSQL Database but logs on localhost logfiles? Shannon M. Anderson
(http_inspect) NON-RFC HTTP DELIMITER Peggy Kam
FW: No logs in MYSQL Database but logs on localhost logfiles? Shannon M. Anderson
Re: double decoding attack Ben Beeson
Re: mostly an (my)sql question. Roman Danyliw
Re: Adware/Malware Rules List Max Valdez
Investigating mangled packets from pre-processor twig les
Re: double decoding attack Sean Lazar
Re: Obtain CVE id from unix sock output of Snort Brian
RE: snort postgresql rpm problem JP Vossen

Tuesday, 02 March

Re: ACID modification cc
Re: threshold and suppress ?? Jason
Re: threshold and suppress ?? Thomas Bechtold
Snort is exiting after start Daniel Jagodziński
Re: Alerts of "(http\_inspect) NON-RFC DEFINED CHAR"] Daniel J. Roelker
RE: Snort is exiting after start Jerry Shenk
PHP install problem! BCalvert
Snort IPv6 Chas Tomlin
Re: Adware/Malware Rules List Bryan Irvine
Re: Snort is exiting after start twig les
snort doesn't write to mysql Ochs, Pam
Re: (http_inspect) NON-RFC DELIMITER Nigel Houghton
Re: Adware/Malware Rules List James Nonya
Re: Source IP 173.80.0.0 [revisited], bug? Ed
undefined reference to `errno` ?? Marcin Laskowski
snort doesn't write to mysql Ochs, Pam
List admin please... Ed
ACID working again cc
RE: Source IP 173.80.0.0 [revisited], bug? Fred McFeeters
Re: Source IP 173.80.0.0 [revisited], bug? ypwhich

Wednesday, 03 March

snort.org and sourcefire.com resolving no more? henk
Re: snort.org and sourcefire.com resolving no more? John Sage
www.snort.org down? Michael Scheidell
www.snort.org down? Michael Scheidell
Re: www.snort.org down? jrhendri
Re: www.snort.org down? Mat Harris
www.snort.org down due to DNS failure.... Shannon M. Anderson
Re: www.snort.org down? Mat Harris
simple rule help--detect unauthorized servers John York
Snort Install Shabbar Arsiwala
RE: Snort Install Shawn Kottke
alert messages Rodrigo B. Ramos
W32.Beagle.J Worm Signature? Mark . Schutzmann
Nmap Scan Not Detected John Redrichs

Thursday, 04 March

Snort log alert is not the same as the live alerts. vmlinuz Mandrake
resp:rst_all not working Venkata Raghavan
Startup Problem RichardKebo
undefined reference to `errno` ?? Marcin Laskowski
ANOMALOUS HTTP SERVER ON UNDEFINED HTTP PORT Fred McFeeters
Rule Flow Jochen Vogel
Base 64 encoding phorvati
flow-portscan really suitable ??? BIZOU
Demark PureSecure questions sam
RE: flow-portscan really suitable ??? Douglas McCrea
Re: RE: flow-portscan really suitable ??? BIZOU
RE: RE: flow-portscan really suitable ??? Douglas McCrea
Noisy Rules Paul Lane
snort-replay for 2.1.1 Andreas Östling
RE: Adware/Malware Rules List Jerry Shenk
Re: Noisy Rules Mark . Schutzmann
Question about best hardware Mike Cohen
Re: Demark PureSecure questions Ridlon, Michael
Telnet and FTP Rodrigo B. Ramos
RE: Noisy Rules Schmehl, Paul L
Embedded SPEC incorrect in v2.1.1 Dax Kelson
RE: Adware/Malware Rules List V2 Rowland, Krisa W ERDC-ITL-MS Contractor
mysql_error: Access denied for user: 'snort@localhost gsrao
custom sig file Rowland, Krisa W ERDC-ITL-MS Contractor
flexresp question ravath k
flexresp question ravath k
Re: Question about best hardware Michael Sconzo
sensor Dmitry Chorine
E-mail Dmitry Chorine
Re: E-mail twig les
Re: sensor twig les
RE: sensor Dmitry Chorine
Re: Demark PureSecure questions Kristofer T. Karas
Re: E-mail Ben Nelson
RE: Embedded SPEC incorrect in v2.1.1 JP Vossen
have i been banned Fred McFeeters
RE: custom sig file JP Vossen
Question of traffic result using snort? Jaeho Kwon
Re: have i been banned twig les

Friday, 05 March

Repost: resp:rst_all not working Venkata Raghavan
Re: RE: RE: flow-portscan really suitable ??? BIZOU
RE: Demark PureSecure questions Nick Duda
Barnyard payload Jochen Vogel
RE: Adware/Malware Rules List V2 Darden, Patrick S.
Snort in anomaly mode? Jason Humes
Re: mysql_error: Access denied for user: 'snort@localhost Jeff Price
Flexresp question ravath k
RE: custom sig file SN ORT
Re: have i been banned Matt Kettler
Re: Repost: resp:rst_all not working Matt Kettler
Re: RE: RE: flow-portscan really suitable ??? Jeremy Hewlett
Re: Question about best hardware M. Morgan
RE: Question about best hardware Kreimendahl, Chad J
Re: Flexresp question Kristofer T. Karas
[OT] - RE: Repost: resp:rst_all not working bmcdowell
Help need in Snort configuration mohan Sharma
RE: Help need in Snort configuration Nick Duda
RE: [OT] - RE: Repost: resp:rst_all not working Lucretia Enterprises
Re: Repost: resp:rst_all not working Venkata Raghavan

Saturday, 06 March

Testing snort? Ben
Windows Set-up Chris Manteuffel
RE: Windows Set-up Mark E. Donaldson
Win32 v2.1 as service - two instances? Rich Adamson
Re: Win32 v2.1 as service - two instances? Chris Burton
Re: Win32 v2.1 as service - two instances? Rich Adamson
Win32 v2.11 Build24 stable? Rich Adamson

Sunday, 07 March

Barnyard 0.2.0 beta1 is available Andrew R. Baker
RE: Question about best hardware Jason Haar
Looking for Perl archive script for Snort with ACID and MySQL JP Vossen

Monday, 08 March

Re: Testing snort? Ciprian Badescu
Help me slanducci
Re: Repost: resp:rst_all not working Matt Kettler
Re: Snort in anomaly mode Jason Humes
Help me it slanducci
I think it ok slanducci
RE: Question about best hardware SN ORT
RE: Looking for Perl archive script for Snort with ACID and MySQL Schmehl, Paul L
Snort Install Shabbar Arsiwala
Sensor Hardware jonasb
RE: Question about best hardware Josh Berry
Sensor logging at remote mysql db Luis Claudio R. da Silveira
RE: Question about best hardware Michael Miller
RE: Question about best hardware Hutchinson, Andrew
Re: Question about best hardware Jason Haar
RE: Sensor logging at remote mysql db Michael Steele
pcre.h error . David Alonso De La Vega Tapage
Re: Snort-users digest, Vol 1 #4029 - 2 msgs jayesh
Re: Help need in Snort configuration Ravi

Tuesday, 09 March

Re: Question about best hardware Michael Stone
running snort in promiscuous mode Jan Hormann
S2I compiler Denis Lyons
Sendig alerts to another system pierangelo motta
RE: Question about best hardware Kreimendahl, Chad J
Re: Sensor logging at remote mysql db Luis Claudio R. da Silveira
RE: Question about best hardware AJ Butcher, Information Systems and Computing
Setup & Configure Snort 2.1.1 on Windows XP? Danny Cannady
Re: Setup & Configure Snort 2.1.1 on Windows XP? keith-list
Interesting problem with Snort 2.1.0 today -- sam
Problems with links in ACID Luis Claudio R. da Silveira
Snort error Danny Cannady
creating tables .. David Alonso De La Vega Tapage
RE: Snort error Danny Cannady
Re: creating tables .. David Alonso De La Vega Tapage
Portscan traffic on ACID James Chong
Re: Portscan traffic on ACID James Chong
Re: Portscan traffic on ACID James Chong
RE: No portscan still on ACID James Chong
RE: RE: No portscan still on ACID Michael Steele

Wednesday, 10 March

signature needed for imesh p2p Jasmine CHUA
failure to generate alerts from tcpdump file jwang
Re: Problems with links in ACID AJ Butcher, Information Systems and Computing
Re: Sensor logging at remote mysql db AJ Butcher, Information Systems and Computing
Re: running snort in promiscuous mode AJ Butcher, Information Systems and Computing
snort multi packet inspection Gaurav_Jindal
ignorehost in snort.conf Dose Not ignore my scanner, why? Snortty
Time used by snort Geoff Craig
RE: Question about best hardware Josh Berry
RE: Question about best hardware Josh Berry
Re: failure to generate alerts from tcpdump file ypwhich
Re: failure to generate alerts from tcpdump file Matt Kettler
LogRep Mike Koponick
Question about passwd file Michael . Mulholland
Re: Interesting problem with Snort 2.1.0 today -- Jeremy Hewlett
Re: Question about passwd file twig les
Snort log management Jason Humes
Performance tuning for a G5 Xserve? David DeCoster
installing snort ? john greene
Patch for Snort FAQ Jason Monroe "JC"
Re: installing snort ? Matt Kettler

Thursday, 11 March

commercial installations ? john greene
flow-portscan. Chris Keladis
RE: Question about best hardware AJ Butcher, Information Systems and Computing
RE: Question about best hardware AJ Butcher, Information Systems and Computing
RE: Snort log management Jason Humes
ACID 2.0? McCash, John
Looking for those who use LogSnorter Michael Shirk
RE: ACID 2.0? Fred McFeeters
installing snort ? (john greene) Edwin Ramos
Snort+iptables in the same machine Luis Claudio R. da Silveira
Re: Snort+iptables in the same machine Nick Hatch

Friday, 12 March

generators-files Thomas Bechtold
Unified log - how binary are they? Sigurd Urdahl
Re: Question about best hardware Sigurd Urdahl
RE: Snort+iptables in the same machine SN ORT
Problem stopping snort senthu
Snort, MySql, Apache, & PHP Problem - Checked by Vexira - Scott Bounds
Re: ACID 2.0? SNORT
Disable alerts from certain machines Whitfield, Ken
Re: Snort, MySql, Apache, & PHP Problem - Checked by Vexira - Jim Hendrick
RE: Disable alerts from certain machines Jerry Shenk
Hummm... Michael Steele
RE: Hummm... Jerry Shenk

Saturday, 13 March

Barnyard 0.2.0-beta2 available Andrew R. Baker
Re: Unified log - how binary are they? Andrew R. Baker
Tuning Signatures Jim Terry

Sunday, 14 March

Snort install Mario Guerendo
Re: Snort install nhdave
Init script Erwin Van de Velde
Re: Snort install Thomas Bechtold
Re: Hummm... Jason Haar
Re: Hummm... ypwhich
RE: Hummm... Michael Steele
Snort install john greene
RE: Hummm... Ben
RE: Hummm... ypwhich
RE: Snort install Amod K
RE: Snort install Amod K

Monday, 15 March

Re: Hummm... AJ Butcher, Information Systems and Computing
Re: Tuning Signatures AJ Butcher, Information Systems and Computing
flow-portscan ravath k
Re: Tuning Signatures Tod Beardsley
Re: Hummm... Shannon M. Anderson
Re: Hummm... Martin Roesch
Re: Hummm... Martin Roesch
CVS FAQ? (snort and barnyard issues) Michael Miller
RE: Hummm... Michael Steele
RE: Hummm... Kreimendahl, Chad J
Logsnorter problem Carlos
Re: Hummm... Martin Roesch
Re: CVS FAQ? (snort and barnyard issues) Martin Roesch
Keeping separate databases? Jason Humes
RE: How to delete alerts without acid SN ORT
Re: Keeping separate databases? twig les
RE: Keeping separate databases? Jason Humes
RE: CVS FAQ? ... Fred Portnoy
RE: CVS FAQ? (snort and barnyard issues) Michael Miller
RE: How to delete alerts without acid SN ORT
Truncated Tcp Options? Rich Adamson
winsnort install john greene
Re: Hummm... Martin Roesch
RE: CVS FAQ? ... Schmehl, Paul L
Re: Logsnorter problem Jason Haar
how to fast locate the rule by the alert? Lin Zhong
Re: Keeping separate databases? Jason Haar
barnyard looses details WRT ACID? Jason Haar
Re: barnyard looses details WRT ACID? Bamm Visscher
building snort from CVS Jason Monroe "JC"
Re: Snort-users digest, Vol 1 #4045 - 13 msgs Nigel Houghton
RE: How to delete alerts without acid Jerry Shenk
Re: CVS FAQ? (snort and barnyard issues) Andrew R. Baker
RE: How to delete alerts without acid Jason Humes
RE: How to delete alerts without acid twig les

Tuesday, 16 March

Re: Truncated Tcp Options? ypwhich
How to delete alerts without acid Jason Humes
Re: barnyard looses details WRT ACID? AJ Butcher, Information Systems and Computing
Update rules....but not all SNORT
Re: Truncated Tcp Options? Rich Adamson
RE: Keeping separate databases? Jason Humes
v2.1 config question Rich Adamson
snort db update Matteo
RE: Hummm... Shannon M. Anderson
RE: Update rules....but not all Dan Fiorito
RE: How to delete alerts without acid Hutchinson, Andrew
Re: building snort from CVS Nigel Houghton
Generator ID in threshold directive Bill McCarty
Cannot archive alerts (ACID) Jeff Workman
FIltering out Internal Mail Logging frank.hodits
Re: building snort from CVS Michael Boman
Are there any problems Snort 2.1.1 with ACID v0.9.6b23? Thomas Reisinger
Problem with compiling/installing snort 2.1.1 on RH 9.0 Thomas Reisinger
Re: Truncated Tcp Options? Chris Green
RE: How to delete alerts without acid Schmehl, Paul L
RE: Hummm... Kreimendahl, Chad J
RE: v2.1 config question Dave Randolph
Best way to alert portscan activity? Rich
Re: Hummm... Martin Roesch
Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing
RE: Keeping separate databases? Jason Haar
RE: Keeping separate databases? Jason Monroe "JC"
Re: FIltering out Internal Mail Logging Mark . Schutzmann
Re: Keeping separate databases? Jason Haar
Snort log no longer updating Koski, Brian
RE: winsnort install robert schwartz
Re: Are there any problems Snort 2.1.1 with ACID v0.9.6b23? Paul Schmehl
Re: Problem with compiling/installing snort 2.1.1 on RH 9.0 Ted Kaczmarek
Re: Truncated Tcp Options? Rich Adamson
Feature request: thresholds need another counter? Jason Haar
RE: Hummm... Ted Kaczmarek
Re: Feature request: thresholds need another counter? Paul Schmehl

Wednesday, 17 March

portscan2 - display which ports scanned in acid Andy Simpson
Re: Feature request: thresholds need another counter? Jason
Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing
Re: Hummm... Martin Roesch
ACID: Unknown Database type specified: a DBtype of " was specified John
RE: Hummm... Kreimendahl, Chad J
ACID: Unknown Database type specified: a DBtype of " was specified (2) John
problem with ACID (portscan) Maxim
RE: Hummm... Shaffer, Paul D
RE: ACID: Unknown Database type specified: a DBtype of " was specified Lucretia Enterprises
Re: problem with ACID (portscan) Marcin Laskowski
log files Luong, Natalie N
Hello I am new user Hemant Thakre

Thursday, 18 March

Snort log alert is not the same as the live alerts. vmlinuz Mandrake
Icmp Ping cc
syslog-ng problem agnelo d
Logsnorter problem Carlos
RE: Icmp Ping Jerry Shenk
Snort permissions problem Jason Humes
Re: Logsnorter problem Carlos
How to tell snort version and upgrade Jason Humes
Re: Snort permissions problem neil
Re: How to tell snort version and upgrade neil
Snort running on two interfaces Jason Humes
RE: How to tell snort version and upgrade Jason Humes
RE: How to tell snort version and upgrade neil
Re: log files Dusty Hall
RE: Icmp Ping Jim Hendrick
Re: Snort running on two interfaces neil
Re: Snort running on two interfaces AJ Butcher, Information Systems and Computing
Script to install Snort and required packages Nelson, Gregg
RFC: SHELLCODE and WEDAV alerts Michael Shirk
RE: Snort running on two interfaces Jason Humes
Re: RFC: SHELLCODE and WEDAV alerts Frank Knobbe
Re: Feature request: thresholds need another counter? Frank Knobbe
Re: RFC: SHELLCODE and WEDAV alerts Frank Knobbe
Snort installation script Nelson, Gregg
Re: Snort-users digest, Vol 1 #4056 - 9 msgs SN ORT
What does the number in the binary log file name mean? Lin Zhong
Making zero headway with barnyard Michael Miller
Re: Icmp Ping cc
Re: Icmp Ping cc
Re: Making zero headway with barnyard Bamm Visscher
Re: What does the number in the binary log file name mean? Bamm Visscher
RE: Icmp Ping Jim Hendrick
'mysql_error: Duplicate entry', what am I doing wrong? JP Vossen

Friday, 19 March

PID Location Jim Gifford
problem with syslog-ng agnelo d
RE: Snort running on two interfaces AJ Butcher, Information Systems and Computing
problem with syslog-ng agnelo d
Latest Snort 2.1.x on Solaris 8, Can anyone confirm please? Snortty
Re: Latest Snort 2.1.x on Solaris 8, Can anyone confirm please? Snortty
RE: Icmp Ping Jerry Shenk
Re: Feature request: thresholds need another counter? Michael Boman
portscan2 - display which ports scanned in acid Andy Simpson
Snort inline and ip_queue neil
Re: Logsnorter problem Michael Boman
Detecting use of Anonymous Proxies Eric Ferguson
syslog-ng problem agnelo d
Re: Cannot archive alerts (ACID) Jeff Workman
syslog-ng problem agnelo d
Re: Snort inline and ip_queue neil
RE: Making zero headway with barnyard Michael Miller
Re: portscan2 - display which ports scanned in acid Marcin Laskowski
RE: portscan2 - display which ports scanned in acid Andy Simpson
RE: Icmp Ping Lucretia Enterprises
Re: portscan2 - display which ports scanned in acid John Creegan
Re: Latest Snort 2.1.x on Solaris 8, Can anyone confirm please? Snortty
Re: Generator ID in threshold directive Jeremy Hewlett
Re: Feature request: thresholds need another counter? Paul Schmehl
Re: Making zero headway with barnyard Bamm Visscher
RE: Making zero headway with barnyard Michael Miller
Event Correlation or Incident Management for Snort Database? McCash, John
Re: Detecting use of Anonymous Proxies neil
listening 2 interfaces at once? Peggy Kam
Re: listening 2 interfaces at once? neil
RE: Event Correlation or Incident Management for Snort Database? hugh_fraser
RE: Event Correlation or Incident Management for Snort Database? McCash, John
Re: listening 2 interfaces at once? Karpo, Derrick
RE: portscan2 - display which ports scanned in acid Kreimendahl, Chad J
RE: 'mysql_error: Duplicate entry', what am I doing wrong? Mark E. Donaldson
FreeBSD install guide for Sguil 0.3.1 Richard Bejtlich

Saturday, 20 March

Re: Feature request: thresholds need another counter? Jason Haar
http_decode line in snort.conf gets garbled Christophe Zwecker
uricontent easily evaded on Apache Kanatoko
Exhausted - SNORT not logging to MySQL database Your Name
Re: Exhausted - SNORT not logging to MySQL database Paul Schmehl
RE: Exhausted - SNORT not logging to MySQL database Michael Steele
Promiscuous Mode pfeito
RE: Exhausted - SNORT not logging to MySQL database Mark E. Donaldson
Re: Promiscuous Mode Paul Schmehl

Sunday, 21 March

Snort Abend after BAD-TRAFFIC Mark . Schutzmann
Truncated UDP Header Koren, Alexander
Re: Snort Abend after BAD-TRAFFIC Jason
Open question regarding the future of Visual Intrusion Analyzer Eric Knight
Unzipping Question Mark Sargent
Re: Snort Abend after BAD-TRAFFIC Mark . Schutzmann
Re: Snort Abend after BAD-TRAFFIC Jason Haar
Re: Snort Abend after BAD-TRAFFIC Frank Knobbe
Re: Unzipping Question Matt Kettler
Re: Snort Abend after BAD-TRAFFIC Jason
RE: Promiscuous Mode pfeito
Re: Snort Abend after BAD-TRAFFIC Jason Haar
RE: Promiscuous Mode Paul Schmehl
HOME_NET var on snort.conf pfeito
Snort No Output /MYSQL error Alan.Nguyenchan
Re: HOME_NET var on snort.conf Paul Schmehl

Monday, 22 March

snort gui management tool agnelo d
RE: snort gui management tool Jeff Dell
Re: HOME_NET var on snort.conf neil
http_decode line in snort.conf gets garbled Christophe Zwecker
portscan.log Mary M. Chaddock
help Hendry Fong
RE: Unzipping Question Mark Sargent
RE: HOME_NET var on snort.conf pfeito
Obtaining HTTP header information and Barnyard Christopher Bell
2.1.1 crashes regularly on Fedora Core 1 (with 2 dumps) Crow, Owen
setting rules for snortsam MEGA Hospedagem
RE: HOME_NET var on snort.conf pfeito
RE: snort gui management tool Mark E. Donaldson
RE: HOME_NET var on snort.conf Michael Boman
ATTACK RESPONSES 403 Forbidden Gould, Scott
Anybody is there Hemant Thakre
Linux RPMS Jason Monroe "JC"

Tuesday, 23 March

flowcache stats pierangelo motta
have i beenn HACKED or rooted ?? soldier Mx
Re: Snort inline and ip_queue Stephan Scholz
MSSQL jeroen.koekkoek
Re: Snort inline and ip_queue Ravi
Witty worm sig Dave Ellingsberg
Snort en mode NIDS sanaâ Aitouchen
Snort sensor setup Lance Boon
Asymmetric routing and IDS correlation ? Glenn Forbes Fleming Larratt
Snort Logging Ragip Yahsieli
Re: Snort Abend after BAD-TRAFFIC Steve Thompson
Re: Snort en mode NIDS neil
Re: Asymmetric routing and IDS correlation ? Rich Adamson
Re: Witty worm sig Tod Beardsley
Re: Snort en mode NIDS Ravi
does --enable-flexresp(2) works? pierangelo motta
AW: Witty worm sig peter . grosse-hering
RE: have i beenn HACKED or rooted ?? Petriz, Pablo
Re: Snort en mode NIDS Tomasz Piotr Palarz
RE: ATTACK RESPONSES 403 Forbidden Gould, Scott
Re: does --enable-flexresp(2) works? Paul Schmehl
Re: Asymmetric routing and IDS correlation ? Josh Berry
RE: Snort sensor setup Michael Steele
Is snort dropping packets Jason Humes
Snort with SPADE...snort in anomaly mode? Jason Humes
Detecting http 'basic-auth' brute force soidberg
RE: Asymmetric routing and IDS correlation ? Biswas, Proneet
Question about alert Jason Humes
Re: Is snort dropping packets John Creegan
Re: Detecting http 'basic-auth' brute force Josh Berry
Obtaining HTTP header info and Barnyard Christopher Bell
Couple of quick questions Charles Lacroix
Re: Couple of quick questions Bennett Todd
Re: Asymmetric routing and IDS correlation ? Jason Haar
Re: Detecting http 'basic-auth' brute force Jason Haar
Re: Couple of quick questions Jason Haar
Re: http_decode line in snort.conf gets garbled Rajesh Joseph
How to set thresholds parameters for various attack Gaurav_Jindal
Swatch configuration problem Alan

Wednesday, 24 March

active response + managing sensors Marcin Laskowski
Re: Asymmetric routing and IDS correlation ? Dirk Geschke
Re: does --enable-flexresp(2) works? pierangelo motta
SynFlood / Total Connection Count with Snort Andy Simpson
Apache Whitespace and Bare Byte Unicode Encoding Lane LiaBraaten
RE: Swatch configuration problem Vogle, Brian
RE: Is snort dropping packets Jason Humes
RE: Is snort dropping packets John Creegan
RE: Is snort dropping packets Hutchinson, Andrew
RE: Is snort dropping packets Rodrigo B. Ramos
compiling snort with icc 8.0 Yonah Russ
Snort not logging to the /var/log/snort/alert file ids
Flex Response + NIC Dusty Hall
RE: Snort not logging to the /var/log/snort/alert file Shawn Kottke
Re: Snort not logging to the /var/log/snort/alert file Rodrigo B. Ramos
Re: RE: Snort not logging to the /var/log/snort/alert file ids
Re: Swatch configuration problem ids
Re: RE: Snort not logging to the /var/log/snort/alert f ile ids
Snort check Martin Bündgens
Re: Snort not logging to the /var/log/snort/alert file ids
Re: RE: Snort not logging to the /var/log/snort/alert file ids
Re: Snort not logging to the /var/log/snort/alert file ids
Re: Snort not logging to the /var/log/snort/alert file Shawn Kottke
Re: Snort not logging to the /var/log/snort/alert file twig les
Re: Snort not logging to the /var/log/snort/alert file ids
Re: Snort not logging to the /var/log/snort/alert file ids
Re: Is snort dropping packets Jeff
Re: Snort check Matt Kettler
RE: Snort not logging to the /var/log/snort/alert file Shawn Kottke
RE: Snort not logging to the /var/log/snort/alert file Shawn Kottke
Re: Is snort dropping packets John Creegan
Re: Couple of quick questions Charles Lacroix
Re: RE: Snort not logging to the /var/log/snort/alert file ids
RE: Snort not logging to the /var/log/snort/alert file Jim Hendrick
Re: RE: Snort not logging to the /var/log/snort/alert file Shawn Kottke
error while trying to install snort v2.1.1 with mySql v4.0.18 Luong, Natalie N
Re: RE: Snort not logging to the /var/log/snort/alert file Michael Sconzo
Re: RE: Snort not logging to the /var/log/snort/alert file ids
Content Usage Steve Johnson
Content Usage Steve Johnson
RE: RE: Snort not logging to the /var/log/snort/alertfile Jim Hendrick
Re: RE: Snort not logging to the /var/log/snort/alert file twig les
Re: RE: Snort not logging to the /var/log/snort/alert file Shawn Kottke
Incomplete RPC segment IntegPatchMgr

Thursday, 25 March

Great news! Snort not logging to the /var/log/snort/aler tfile Alan
Re: error while trying to install snort v2.1.1 with mySql v4.0.18 AJ Butcher, Information Systems and Computing
Re: Re[3]: -T option error AJ Butcher, Information Systems and Computing
Re: Question regarding creating rules in Snortcenter ... AJ Butcher, Information Systems and Computing
RE: Updating Rules? AJ Butcher, Information Systems and Computing
Re: SNORT (Linux) / MySQL (Win32) AJ Butcher, Information Systems and Computing
RE: Great news! Snort not logging to the /var/log/snort/aler tfile Jim Hendrick
Snort, unified/database output plugins, session capture AJ Butcher, Information Systems and Computing
RE: SNORT (Linux) / MySQL (Win32) AJ Butcher, Information Systems and Computing
Winpcap 3.1 beta and Snort Joerg Abdinghoff
Re: Snort not logging to the /var/log/snort/alert file Christopher Cramer
Incomplete RPC segment shivabasu
Snort Install - troubles Shane Cooper
Question about content keyword Steve Johnson
Auto magically building active host lists and ports...your thoughts ? Sean Wheeler
can Snort itself reconfigure a firewall customercare
Re: Snort en mode NIDS sanaâ Aitouchen
Snort 2.1.1 Issues with MySQL Connect on Solaris 2.8 Anderson, Don
problem mysql labyed souad
**S2I COMPILER** Denis Lyons
SQL error with WinSnort and ACID Kromodimedjo, John
Snort capabilities Marnus Marx
Re: Asymmetric routing and IDS correlation ? Michael Richardson
Snort 2.1.1 Issues with MySQL Connect on Solaris 2.8 Anderson, Don
RE: Disable alerts from certain machines - Not working for me? Snortty
Re: Snort Install - troubles Glenn Forbes Fleming Larratt
Snort stopped receiving alerts Rowland, Krisa W ERDC-ITL-MS Contractor
Re: Snort, unified/database output plugins, session capture Andrew R. Baker
Sensors 0 Rowland, Krisa W ERDC-ITL-MS Contractor
lost sensor Rowland, Krisa W ERDC-ITL-MS Contractor
RE: Snort stopped receiving alerts Rowland, Krisa W ERDC-ITL-MS Contractor
lost sensor Rowland, Krisa W ERDC-ITL-MS Contractor
RE: Snort stopped receiving alerts Shawn Kottke
Re: Snort, unified/database output plugins, session capture AJ Butcher, Information Systems and Computing
RE: lost sensor Shawn Kottke
Re: Content Usage Rodrigo B. Ramos
Snort and pcre error James Nonya
Obtaining HTTP header info and Barnyard Christopher Bell
error Rowland, Krisa W ERDC-ITL-MS Contractor
RE: Disable alerts from certain machines - Not working for me? Andreas Östling
TTL LIMIT Exceeded Sheahan, Paul
Re: Snort and pcre error Brian
RE: Snort with SPADE...snort in anomaly mode? pfeito
RE: HOME_NET var on snort.conf pfeito
Barnyard 0.2.0-rc1 available Andrew R. Baker

Friday, 26 March

Snort + Acid Cyril Beaufrere
Re: Snort capabilities AJ Butcher, Information Systems and Computing
RE: Disable alerts from certain machines - Not working for me? rodrigo . ramos
Snort Performance Laura
RE: Snort Performance Jim Hendrick
Re: Snort + Acid Cyril Beaufrere
Re: Snort + Acid AJ Butcher, Information Systems and Computing
Duplicate entry message Maetzky, Steffen (Extern)
Re: Snort Performance Mark . Schutzmann
TCP port 0 traffic Max Valdez
Re: Duplicate entry message Max Valdez
RE: Snort Performance Laura
RE: Disable alerts from certain machines - Not working for me? Snortty
Snort not logging to the /var/log/snort/alert file ids
Re: Snort Performance Rodrigo B. Ramos
RE: TTL LIMIT Exceeded Mark E. Donaldson
Re: TTL LIMIT Exceeded Jason
Re: Question about content keyword Dan
problem with snort and guardian Marcin Laskowski

Saturday, 27 March

RE: TTL LIMIT Exceeded Alejandro Flores
Re: problem with snort and guardian Alejandro Flores
Re: problem with snort and guardian Max Valdez
ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.4alpha for snort 2.1.1 released Sandro Poppi

Sunday, 28 March

Oinkmaster 1.0 beta1 Andreas Östling

Monday, 29 March

odd traffic Jose_Maria_Gonzalez
Re: odd traffic Michael Boman
Re: odd traffic AJ Butcher, Information Systems and Computing
Reconstruction of TCP packets Rajesh Joseph
Re: Reconstruction of TCP packets Dirk Geschke
global threshold quesiton David Wilburn
Re: Snort + Acid Tom Cinqmars
Re: Snort + Acid Tom Cinqmars
Snort/Barnyard/MySQL/ACID - Duplicate entry Maetzky, Steffen (Extern)
Snort & OpenBSD (sparc64) hb
RE: Snort 2.1.1 Issues with MySQL Connect on Solaris 2.8 Anderson, Don
Re: Reconstruction of TCP packets Rajesh Joseph
Barnyard and duplicate entries Maetzky, Steffen (Extern)
snort with openbsd and oracle Oturan Boga
Snort Virus Detector Jimmy Norton
Re: Barnyard and duplicate entries AJ Butcher, Information Systems and Computing
Re: Snort/Barnyard/MySQL/ACID - Duplicate entry Andrew R. Baker
RE: Snort Virus Detector Williams Jon
Re: global threshold quesiton Charles Lacroix
RE: RE: Snort 2.1.1 Issues with MySQL Connect on So laris 2.8 Anderson, Don
Re: Reconstruction of TCP packets Jason Haar
How to achieve alerts from tcpdump files? jwang
Problem with ethercard and promiscuous mode Jim Patterson
Re: Snort en mode NIDS ravivsn
snort and tap ethernet Alessandro Fiorenzi

Tuesday, 30 March

Re: snort and tap ethernet AJ Butcher, Information Systems and Computing
Swatch throttle problems Alan
Re: Problem with ethercard and promiscuous mode Josh Berry
OpenSource Alternative to SourceFire's RNA Josh Berry
Re: How to achieve alerts from tcpdump files? Nigel Houghton
Re: snort and tap ethernet Mark . Schutzmann
Re: Snort en mode NIDS Mark . Schutzmann
Questions about alerts from TCPDUMP jwang
flow-portscan, pcap files, and timestamps.. Erik Fichtner
Re: snort and tap ethernet Craig Paterson
False Positive or not? Cody R. Smith
(no subject) Kris
RE: snort and tap ethernet Spencer, Arthur
Re: False Positive or not? Max Valdez
Cisco Device Exploit Perl Script Mark . Schutzmann
Re: flow-portscan, pcap files, and timestamps.. Chris Green
ACID/Traffic Matching? Danny Cannady
Problem Compiling 2.1.1 on FreeBSD 5.1-RELEASE eric-dated-1083277626 . 193075aa63e273
Re: Cisco Device Exploit Perl Script Ben Nelson
RE: Cisco Device Exploit Perl Script Perrymon, Josh L.
syslog-ng email alerts agnelo d
127.0.0.1 Snort Man
Re: Reconstruction of TCP packets Rajesh Joseph
Re: Reconstruction of TCP packets Dirk Geschke

Wednesday, 31 March

AW: OpenSource Alternative to SourceFire's RNA Poppi, Sandro
Re: False Positive or not? AJ Butcher, Information Systems and Computing
Re: OpenSource Alternative to SourceFire's RNA AJ Butcher, Information Systems and Computing
Re: Reconstruction of TCP packets Rajesh Joseph
Re: Reconstruction of TCP packets Dirk Geschke
WinSNORT: PHP and MSSQL problem: Please recompile PHP with the necessary library (--enable-mssql) Uso
snort/mudpit - status Maetzky (extern)
Re: OpenSource Alternative to SourceFire's RNA AJ Butcher, Information Systems and Computing
Technically speaking G DINESH
Barnyard Problem with Payload and IPHeader Jochen Vogel
TCP and ACID Kromodimedjo, John
Snort code sumanth subramanian
Re: Disable alerts from certain machines Martin Roesch
Re: Snort code Rajesh Joseph
Re: Problem with ethercard and promiscuous mode Jim Patterson
RE: TCP and ACID Michael Steele
Snort on Windows 2000 Denise James
Re: OpenSource Alternative to SourceFire's RNA Josh Berry
RE: Snort on Windows 2000 Engle, Kurt
Is there any statistic for snort rules false positive alert? Lin Zhong
RE: TCP and ACID Shawn Kottke
aggregating perfmonitor stats Gary_Portnoy
how to block P2P with snort Sylvain BERTRAND
AW: OpenSource Alternative to SourceFire's RNA Sean Wheeler
Re: Snort code Matt Kettler
Re: Technically speaking Matt Kettler
Re: Is there any statistic for snort rules false positive alert? Keith W. McCammon
Re: WinSNORT: PHP and MSSQL problem: Please recompile PHP with the necessary library (--enable-mssql) pheusion () snet net
Re: how to block P2P with snort Charles Lacroix
Re: WinSNORT: PHP and MSSQL problem: Please recompile PHP with the necessary library (--enable-mssql) pheusion () snet net
Re: how to block P2P with snort Sylvain BERTRAND
Re: how to block P2P with snort Charles Lacroix
RE: TCP and ACID Kromodimedjo, John
RE: TCP and ACID Kromodimedjo, John
Snort 2.1.2 released! Jeremy Hewlett
RE: Cisco Device Exploit Perl Script Mark . Schutzmann
Announce: FLoP-1.2.0 Dirk Geschke

Previous period

Next period