Snort mailing list archives
How to search for SID?
From: "Chong Lee Poh" <Chong.LeePoh () allianz com my>
Date: Fri, 16 Apr 2010 11:21:28 +0800
Hi, My Snort report tool (SnortALog) generated info such as "WEB-MISC SSLv3 invalid data version attempt {tcp}", without showing the SID. I do not have the SID, but I would like to find out if this alert relevant to me. Is there a web site that I can key in the alert to look for SID or explanation of the alert? I use "http://www.snortid.com/" to look for description when I have the SID. However, for alert without SID, where can I obtain further information? Please assist!! Many thanks in advance. Regards, Chong This e-mail and any attachments therewith are intended only for the use of the address. This e-mail may contain confidential and privileged information. Any unauthorized use, copying or disclosure of information contained in this e-mail or its attachments is strictly prohibited and may be unlawful. If you have received this e-mail in error, please contact the sender via return e-mail and delete this e-mail and attachments thereafter. Any confidentiality or privilege is not waived or lost because this e-mail has been sent to you by mistake. Any liability for viruses is excluded to the fullest extent permitted by law. ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs
Current thread:
- Re: Sourcefire VRT Certified Snort Rules Update 2010-04-13 infosec posts (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-04-13 Nigel Houghton (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Nigel Houghton (Apr 14)
- Re: Sourcefire VRT Certified Snort RulesUpdate2010-04-13 evilghost () packetmail net (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Jeff Nathan (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Jeff Nathan (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- Message not available
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- How to search for SID? Chong Lee Poh (Apr 15)
- Re: How to search for SID? Rodrigo Montoro(Sp0oKeR) (Apr 16)
- Re: How to search for SID? Joel Esler (Apr 16)
- SSLv2 alerts Chong Lee Poh (Jun 02)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Nigel Houghton (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 chris . kniseley (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 infosec posts (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)