Snort mailing list archives
Rules not Triggering after Snort v2.4.1
From: "Ron Jenkins" <rjenkins () dibr net>
Date: Wed, 21 Sep 2005 14:46:09 -0500
The below rule appears to have stopped working after upgrading to v2.4.1. alert udp $EXTERNAL_NET !500 -> $HOME_NET 500 (msg:"Client VPN Phase 1 Traffic"; classtype: attempted-admin; sid:1234002; rev:1;) Any ideas? Thanks.... Ron Jenkins (MCNE, CNE6, MCP, CCNA, CCEA) Senior Architect Data Integrity, LLC "We Integrate People with Solutions" 1724 Dallas Drive Suite 11 Baton Rouge, La 70806 Office. 225.927.8030 Fax. 225.927.8033 Cell225.931.1632 Email. rjenkins () dibr net Web. www.dibr.net
Current thread:
- Rules not Triggering after Snort v2.4.1 Ron Jenkins (Sep 21)
- Snort Beer Question Theodore Stout (Sep 23)
- Re: Snort Beer Question Dominik Gehl (Sep 23)
- Re: Snort Beer Question Theodore Stout (Sep 23)
- Re: Snort Beer Question Dominik Gehl (Sep 23)
- Re: Snort Beer Question Theodore Stout (Sep 23)
- Re: Snort Beer Question Joe S (Sep 23)
- RE: Snort Beer Question Charles Heselton (Sep 23)
- Re: Snort Beer Question Dominik Gehl (Sep 23)
- Snort Beer Question Theodore Stout (Sep 23)