Snort mailing list archives
New Snort 2.2 Rules
From: "Walt Rich" <walt.rich () parago com>
Date: Wed, 14 Sep 2005 15:26:31 -0500
I updated the Snort rules to the latest available on SourceForge's site. They were quite out of date, and almost a year old. Snort is up and running, but has become very quiet! It used to detect a lot of false positives, which were a pain, but at least I knew it was working. Now it is very, very quiet, and hasn't detected anything in over 2 hours.

Is it possible that the rule writers have become so good that the detection of false positives has been almost eliminated? Has anyone else experienced anything similar? Any input is greatly appreciated.

Thanks!

________________________________
Walt Rich
Sr. Network Engineer
Parago, Inc.
972.538.7253
walt.rich () parago com