Snort mailing list archives
BASE 1.0.2 Unexpected Result /Inconsistency
From: "Briggs, Bruce" <Bruce.Briggs () suny edu>
Date: Mon, 28 Mar 2005 15:05:55 -0500
1. select an alert Signature from the list. you get a detail list of the alert packets 2. select Unique Addresses Destination you get a list of destination IP addrs and packet counts 3. select one of the addresses by clicking on the appropriate IP Address field the value listed in Occurrences as Dest. is the count of all packets for that IP addr in the database, not those for this specific alert Signature 4. select the count field. the list displays only packets for the alert Signature for that IP addr I would expect consistency. a) I should get a count in 3. above of only packets from that IP addr matching the alert Signature, because that is the list that is displayed in 4. - or - b) in 4. above, I should get all packets matching that IP addr. My preference is for b). Bruce ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95&alloc_id396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- BASE 1.0.2 Unexpected Result /Inconsistency Briggs, Bruce (Mar 28)