Snort: by date

1238 messages starting Jan 02 13 and ending Mar 30 13


Wednesday, 02 January

Re: [Snort-devel] Snort Configuration Problems Michael Steele
Re: snort SIGSEGV Russ Combs
Re: The detect function Russ Combs
Re: [Snort-devel] Snort Configuration Problems Michael Steele
Rule port question honeybadger
Re: Barnyard2 database failures Dave Corsello
Re: Barnyard2 database failures beenph
Re: Rule port question JJC
compilation fail daq 2.0.0 Nikola Vulovic
Persistent problems with rule updates for Registerd Users Michael Steele

Thursday, 03 January

Re: compilation fail daq 2.0.0 Weir, Jason
Re: compilation fail daq 2.0.0 Russ Combs
Re: Persistent problems with rule updates for Registerd Users Russ Combs
Unified2 extra data Peter Bates
Re: Persistent problems with rule updates for Registerd Users Michael Steele
Re: Unified2 extra data beenph
Re: Persistent problems with rule updates for Registerd Users Jason
Re: Persistent problems with rule updates for Registerd Users Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-01-03 Research
Re: Barnyard2 database failures waldo kitty
Re: Persistent problems with rule updates for Registerd Users Michael Steele
Re: Persistent problems with rule updates for Registerd Users Joel Esler
Re: Persistent problems with rule updates for Registerd Users Jeff Kell
Re: Persistent problems with rule updates for Registerd Users Michael Steele
Re: Persistent problems with rule updates for Registerd Users Michael Steele

Friday, 04 January

Re: Persistent problems with rule updates for Registerd Users Joel Esler
Re: Persistent problems with rule updates for Registerd Users Joel Esler
Re: Barnyard2 database failures beenph
Re: Persistent problems with rule updates for Registerd Users Michael Steele
Re: Persistent problems with rule updates for Registerd Users Joel Esler
Re: Persistent problems with rule updates for Registerd Users Michael Steele
Re: Persistent problems with rule updates for Registerd Users Jeff Kell
Re: Persistent problems with rule updates for Registerd Users Joel Esler
Re: Persistent problems with rule updates for Registerd Users Joel Esler
Re: Persistent problems with rule updates for Registerd Users Michael Steele
Re: Persistent problems with rule updates for Registerd Users Jeff Kell
Re: Persistent problems with rule updates for Registerd Users Joel Esler

Saturday, 05 January

Upgraded snort.conf and no bpf? Joe Seanor
Pcap filename from --pcap-dir? Andre DiMino
Re: Pcap filename from --pcap-dir? beenph
Re: Pcap filename from --pcap-dir? Edward Fjellskål
Re: Pcap filename from --pcap-dir? beenph

Sunday, 06 January

sid 15554 yew chuan Ong
sfportscan Preprocessor Zahra Hakimi
Re: Barnyard2 database failures waldo kitty
Re: Barnyard2 database failures beenph

Monday, 07 January

Re: Pcap filename from --pcap-dir? Alex Kirk
Re: Rebuilding the wheel Mike Miller
Updating Rules using Oinkmaster Yayan Tri Taryana

Tuesday, 08 January

Re: Updating Rules using Oinkmaster Peter Bates
Sourcefire VRT Certified Snort Rules Update 2013-01-08 Research
Rule checking logic ("checking" as defined by rule profile stats) question Mike Cox
Identify outbound SSH connections Craig Merchant
Snort 2.9.3.1 so rules seems not working Paul Tsang
Re: Identify outbound SSH connections Y M
Barnyard Waldo File Corrupted/Truncated Yayan Tri Taryana

Wednesday, 09 January

Database Decoding Reshma Purushothaman
Snort 2.9.4 installation in inline mode immanuel
Rule set for non-intrusive events? Steve Marotta
Re: Rule set for non-intrusive events? Castle, Shane
Re: Rule set for non-intrusive events? Eoin Miller
Re: Rule set for non-intrusive events? Steve Marotta
Re: Fwd: Rule checking logic ("checking" as defined by rule profile stats) question Steven Sturges
Re: Rule set for non-intrusive events? John Ives
Re: Fwd: Rule checking logic ("checking" as defined by rule profile stats) question Mike Cox
decoderActionQ Maverick
Problem accessing telnet data Henrique Santos

Thursday, 10 January

Re: decoderActionQ Mitesh Jadia
Re: Fwd: Rule checking logic ("checking" as defined by rule profile stats) question Mike Cox
Sourcefire VRT Certified Snort Rules Update 2013-01-10 Research
unified2_extra_data Brad Tilley
Way to generate alerts? Matthew Van Gent
Re: unified2_extra_data Russ Combs
Re: Way to generate alerts? Heine Lysemose
Re: Way to generate alerts? Matthew Van Gent
Best practices for setting HOME_NET Craig Merchant

Friday, 11 January

Database sizing and tuning Mike Miller
Re: unified2_extra_data Brad Tilley
Re: Best practices for setting HOME_NET Joel Esler
Re: Database sizing and tuning Joel Esler
Re: Best practices for setting HOME_NET Kevin Ross
Re: Best practices for setting HOME_NET Jeremy Hoel
Trying to understand file.exe flowbit Bobby Hinzman
Re: unified2_extra_data Victor Roemer
Re: Trying to understand file.exe flowbit Joel Esler
SNORT openflow patricio
Re: Best practices for setting HOME_NET Mike Miller
Re: Best practices for setting HOME_NET Joel Esler
Re: Best practices for setting HOME_NET Mike Miller
Re: Best practices for setting HOME_NET Joel Esler
Re: Best practices for setting HOME_NET waldo kitty
Re: Best practices for setting HOME_NET waldo kitty

Saturday, 12 January

Re: SNORT openflow balaji patnala
(no subject) Nikola Vulovic
Re: (no subject) Joel Esler
Re: (no subject) Y M

Sunday, 13 January

HTTP Filtering using Snort Sharon Sahar
Re: HTTP Filtering using Snort Sharon Sahar
Re: HTTP Filtering using Snort Rodrigo Montoro(Sp0oKeR)
Re: SNORT openflow patricio
Fwd: jacki buddy
Re: SNORT openflow Jason Ish
Re: Fwd: Rule checking logic ("checking" as defined by rule profile stats) question Steven Sturges

Monday, 14 January

Re: HTTP Filtering using Snort Heine Lysemose
Re: SNORT openflow Russ Combs
Sourcefire VRT Certified Snort Rules Update 2013-01-14 Research
Unknown ClassType: trojan-activity Smith, Edward
Re: Unknown ClassType: trojan-activity Joel Esler
Re: Unknown ClassType: trojan-activity Smith, Edward
Custom variables in rules and snort.conf Craig Merchant
Re: Unknown ClassType: trojan-activity Joel Esler
Re: Custom variables in rules and snort.conf waldo kitty
Re: Custom variables in rules and snort.conf Joel Esler

Tuesday, 15 January

'make' Snort to compile my own preprocessor Alex Adamos
Re: 'make' Snort to compile my own preprocessor Victor Roemer
Sourcefire VRT Certified Snort Rules Update 2013-01-15 Research
Re: 'make' Snort to compile my own preprocessor Alex Adamos
incorrect FDDI test in decode.c leads to reading uninitialized fields Tavis Ormandy
Re: incorrect FDDI test in decode.c leads to reading uninitialized fields Victor Roemer
Re: 'make' Snort to compile my own preprocessor waldo kitty
Re: incorrect FDDI test in decode.c leads to reading uninitialized fields Joel Esler
Compiling your own SO Rules Dheeraj Gupta

Wednesday, 16 January

Snort, Barnyard2 and Snorby alert classification mismatch hanx hi
Re: Snort, Barnyard2 and Snorby alert classification mismatch beenph
Re: Snort, Barnyard2 and Snorby alert classification mismatch beenph
Potential vulnerabilities of some Snort regexes Asiri Rathnayake
Re: Snort, Barnyard2 and Snorby alert classification mismatch hanx hi
Re: Sourcefire VRT Certified Snort Rules Update 2013-01-15 Starner, Mark
Re: Sourcefire VRT Certified Snort Rules Update 2013-01-15 Joel Esler

Thursday, 17 January

Re: Sourcefire VRT Certified Snort Rules Update 2013-01-15 Joel Esler
Re: Way to generate alerts? Giles Coochey
Re: Way to generate alerts? Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-01-17 Research

Friday, 18 January

Snort on proxy (outbound alerts) Thibaud Raso
Is it possible their is a signature that will show connected users to certain servers via terminal services? Aisling Brennan
Re: Snort on proxy (outbound alerts) Balasubramaniam Natarajan
Re: Snort on proxy (outbound alerts) J. H
Re: Snort on proxy (outbound alerts) Balasubramaniam Natarajan
Re: Snort on proxy (outbound alerts) waldo kitty
Re: Snort on proxy (outbound alerts) T. R
Re: Snort on proxy (outbound alerts) Jason Wallace
Re: Snort on proxy (outbound alerts) Jason Wallace
Re: Snort on proxy (outbound alerts) Joel Esler
Re: Snort on proxy (outbound alerts) Jason Wallace
Could you send me on a signature to capture all emails that are sent to a domain, for example “@tnt.com”. Aisling Brennan

Saturday, 19 January

Enquiry Sourcefire VRT Rules Update Dennis Lau
Snort Pattern alghoritm Mārtiņš Sapats
Snort and buffering of packets Knut Borg
Snort Barnyard2 and Snorby alert classification Federico Carbonell
Re: Snort Barnyard2 and Snorby alert classification beenph
Help with a rule Michael Bower
Re: Help with a rule Joel Esler
Re: Snort and buffering of packets Joel Esler
Re: [Snort-sigs] Could you send me on a signature to capture all emails that are sent to a domain, for example “@tnt.com”. Balasubramaniam Natarajan
Snort 2.9.4 and libsf_engine.so Alex Adamos
Re: Snort 2.9.4 and libsf_engine.so Alex Adamos
Re: Snort 2.9.4 and libsf_engine.so Alex Adamos
Re: Snort 2.9.4 and libsf_engine.so Joel Esler
Re: Snort 2.9.4 and libsf_engine.so Justin Knox

Sunday, 20 January

Re: [Emerging-Sigs] Creating Potential DOS HTTP sig Kevin Ross
About IDS package Mayur Patil

Monday, 21 January

DPX starter kit installation Alex Adamos
Re: Enquiry Sourcefire VRT Rules Update Joel Esler
DPX starter kit installation Alex Adamos
Creating a PostgreSQL database for snort on Debian system giulia603 () virgilio it
Re: Creating a PostgreSQL database for snort on Debian system waldo kitty
[HITB-Announce] REMINDER: #HITB2013AMS Call for Papers Closes 8th Feb Hafez Kamal

Tuesday, 22 January

Re: DPX starter kit installation Alex Adamos
Re: DPX starter kit installation Alex Adamos
Snort Unixsock patricio
Snort Unixsock patricio
Re: DPX starter kit installation Hui Cao
Re: DPX starter kit installation Alex Adamos
Re: DPX starter kit installation Hui Cao
Re: [Emerging-Sigs] Creating Potential DOS HTTP sig Russ Combs
Re: DPX starter kit installation Alex Adamos
Java vulnerability detection Antonin
Re: Java vulnerability detection Joel Esler
Re: Java vulnerability detection Antonin
Sourcefire VRT Certified Snort Rules Update 2013-01-22 Research

Wednesday, 23 January

Value of max_gzip_mem listed in documentation Stark, Vernon L.
Re: Snort Unixsock patricio
Re: Snort Unixsock patricio
Re: Value of max_gzip_mem listed in documentation Hui Cao
Snort Block rules download for IPS mode immanuel

Thursday, 24 January

Re: Snort and buffering of packets Knut Borg
Re: Snort and buffering of packets Joel Esler
Re: Snort Block rules download for IPS mode Joel Esler
Barnyard2 - Phantom cid/sid? Eoin Miller
Re: Barnyard2 - Phantom cid/sid? beenph
Re: Barnyard2 - Phantom cid/sid? Eoin Miller
Re: Barnyard2 - Phantom cid/sid? beenph
Sourcefire VRT Certified Snort Rules Update 2013-01-24 Research

Friday, 25 January

Re: DAQ complaint. Unable to build snort snort-2.9.4 עמית קליינמן
Need help: a custom snort signature that will detect attachments (inbound + outbound) Aisling Brennan
Optimized implementation of AC and AC_Q pattern matching algorithms abed mohammad kamaluddin
Snort Configuration Problem sumitkamboj88 () gmail com
DAQ complaint. Unable to build snort snort-2.9.4 עמית קליינמן
Real Time Alert and Variables Nicholas Horton
Re: [Snort-devel] DAQ complaint. Unable to build snort snort-2.9.4 Hui Cao
Re: DAQ complaint. Unable to build snort snort-2.9.4 עמית קליינמן
Re: Real Time Alert and Variables Y M
Re: Real Time Alert and Variables Nicholas Horton
Re: Need help: a custom snort signature that will detect attachments (inbound + outbound) waldo kitty
Re: Snort Configuration Problem waldo kitty
Snort on Amazon EC2 Greg Taylor-Broun
Re: Need help: a custom snort signature that will detect attachments (inbound + outbound) Joel Esler
CPU Affinity Craig Merchant
Re: CPU Affinity Livio Ricciulli
NIDS in the Cloud (was: Snort on Amazon EC2) Jason Haar
Re: NIDS in the Cloud Livio Ricciulli

Saturday, 26 January

[PATCH]: Add Nonce Sum bit to 'flags' Joshua Kinard
IPS packet reject handling doesn't work as expected Lukas Matt
Pass rules - no effect/not working Ward Sladek
Snort Pattern alghoritm Martins Sapats
Re: Optimized implementation of AC and AC_Q pattern matching algorithms Hui Cao
Re: IPS packet reject handling doesn't work as expected Joel Esler
Re: Optimized implementation of AC and AC_Q pattern matching algorithms Pablo Cantos
Re: Optimized implementation of AC and AC_Q pattern matching algorithms Joel Esler
Re: NIDS in the Cloud (was: Snort on Amazon EC2) Eric G
Re: Optimized implementation of AC and AC_Q pattern matching algorithms abed mohammad kamaluddin
Re: Optimized implementation of AC and AC_Q pattern matching algorithms abed mohammad kamaluddin
Re: CPU Affinity Craig Merchant
Re: Could you send me on a signature to capture all emails that are sent to a domain, for example “@tnt.com”. Aisling Brennan
Re: Could you send me on a signature to capture all emails that are sent to a domain, for example “@tnt.com”. lists () packetmail net
Re: Could you send me on a signature to capture all emails that are sent to a domain, for example “@tnt.com”. Ned Moran
Re: Could you send me on a signature to capture all emails that are sent to a domain, for example “@tnt.com”. waldo kitty
Re: IPS packet reject handling doesn't work as expected Jamie Riden

Sunday, 27 January

Re: Pass rules - no effect/not working Jeremy Hoel
Re: Real Time Alert and Variables Nicholas Horton
Re: CPU Affinity Livio Ricciulli
Re: Real Time Alert and Variables Greg Williams
Re: Real Time Alert and Variables Nicholas Horton
Re: Real Time Alert and Variables Greg Williams
Re: Real Time Alert and Variables Nicholas Horton
Re: Real Time Alert and Variables Michael Steele
Re: Real Time Alert and Variables Greg Williams
Re: Snort Block rules download for IPS mode immanuel

Monday, 28 January

Re: Snort Block rules download for IPS mode waldo kitty
UNSUBSCRIBE Alistair Thomson
Re: [PATCH]: Add Nonce Sum bit to 'flags' Todd Wease
Re: Snort Pattern alghoritm Todd Wease
Snort on AWS Topher ZiCornell
Snort and Proxmox Josh Bitto
Re: Optimized implementation of AC and AC_Q pattern matching algorithms abed mohammad kamaluddin
Re: Snort and Proxmox Jeremy Hoel
var or ipvar? waldo kitty
Re: Snort and Proxmox Jeremy Hoel
Re: var or ipvar? Nicholas Bogart
Re: Snort and Proxmox Josh Bitto
Re: var or ipvar? Joel Esler
Re: var or ipvar? waldo kitty
Re: var or ipvar? Y M
Re: var or ipvar? waldo kitty
Re: Snort and Proxmox Jeremy Hoel
Re: Optimized implementation of AC and AC_Q pattern matching algorithms Pablo Cantos
Re: var or ipvar? Nicholas Bogart
SNORT compilation in ECLIPSE patricio
SNORT compilation in ECLIPSE patricio
Re: var or ipvar? Joel Esler
Re: UNSUBSCRIBE Jamie Riden
Re: Snort and Proxmox Josh Bitto
Re: var or ipvar? waldo kitty
Re: Snort and Proxmox Jeremy Hoel
Re: Snort and Proxmox Josh Bitto
Re: Snort and Proxmox Jeremy Hoel
Re: Snort and Proxmox Josh Bitto
Re: Snort and Proxmox Josh Bitto
Re: Snort and Proxmox Jeremy Hoel
Re: Snort and Proxmox Josh Bitto
Re: var or ipvar? Todd Wease
Re: Snort and Proxmox Jeremy Hoel
Re: Snort and Proxmox Josh Bitto
Re: Snort and Proxmox Jeremy Hoel
Re: Snort and Proxmox Josh Bitto
Re: var or ipvar? waldo kitty
Re: var or ipvar? Joel Esler
Re: var or ipvar? waldo kitty
Re: Snort and Proxmox waldo kitty
Re: Snort and Proxmox waldo kitty
Re: var or ipvar? waldo kitty

Tuesday, 29 January

Explanation of Rule 1:19189:4 Nicholas Horton
Re: Explanation of Rule 1:19189:4 rmkml
Virtual Machines and Hypervisors Juan Camilo Valencia
Re: Explanation of Rule 1:19189:4 Nicholas Horton
Re: Virtual Machines and Hypervisors Joel Esler
Re: Virtual Machines and Hypervisors Joel Esler
Re: Virtual Machines and Hypervisors Juan Camilo Valencia
Fwd: Re: Virtual Machines and Hypervisors Mikael Keri
Re: var or ipvar? Todd Wease
Re: Explanation of Rule 1:19189:4 rmkml
Re: Explanation of Rule 1:19189:4 Joel Esler
Re: Virtual Machines and Hypervisors Joel Esler
Re: Snort and Proxmox Josh Bitto
What is the correct syntax for bpf_file? Miguel Alvarez
Re: What is the correct syntax for bpf_file? rmkml
Re: What is the correct syntax for bpf_file? Miguel Alvarez
Re: Explanation of Rule 1:19189:4 Nicholas Horton
Re : Re: What is the correct syntax for bpf_file? Rm Kml
Re: Explanation of Rule 1:19189:4 Nicholas Horton
Re: Virtual Machines and Hypervisors Jefferson, Shawn
Sourcefire VRT Certified Snort Rules Update 2013-01-29 Research
Re: Virtual Machines and Hypervisors Joel Esler
Re: Virtual Machines and Hypervisors mikael keri
Fwd: Brad Turnbough
Dynamic Preprocessor- packets from established flows Alex Adamos
Re: Fwd: Jeff Jarmoc
Re: Re : Re: What is the correct syntax for bpf_file? Miguel Alvarez
Re: Fwd: waldo kitty
Re: Fwd: Eric G
Re: Fwd: Joel Esler

Wednesday, 30 January

Re: Virtual Machines and Hypervisors Ulric Eriksson
Snort not logging to unified2 Sacher , Désirée
Re: Dynamic Preprocessor- packets from established flows Todd Wease
Re: Snort not logging to unified2 Todd Wease
Re: Re : Re: What is the correct syntax for bpf_file? Todd Wease
Re: Snort not logging to unified2 Sacher , Désirée
(no subject) Agent Smith
Quick and dirty James Lay
Re: Quick and dirty rmkml
Re: Quick and dirty James Lay
Testing Snort Josh Bitto
Re: Re : Re: What is the correct syntax for bpf_file? Miguel Alvarez
Re: Testing Snort Jeremy Hoel
Re: Testing Snort Josh Bitto
Re: Testing Snort Jeremy Hoel
Need help in snort rule sandeep mlist
Re: Fwd: waldo kitty
Re: Need help in snort rule waldo kitty
Re: Testing Snort Justin Knox
Re: Fwd: Bjoern Meier
Re: Virtual Machines and Hypervisors Juan Camilo Valencia
Re: Pass rules - no effect/not working Ward Sladek
Re: Virtual Machines and Hypervisors Juan Camilo Valencia
Re: (no subject) Joel Esler
Re: Testing Snort Russ Combs
Re: Need help in snort rule Joel Esler
Re: Quick and dirty Joel Esler
Re: Quick and dirty James Lay
Re: Quick and dirty lists () packetmail net
Re: Testing Snort Josh Bitto
Re: Testing Snort Joel Esler
Re: Testing Snort Jeremy Hoel
Re: Quick and dirty James Lay
Re: Testing Snort Josh Bitto
Re: Testing Snort Joel Esler
Re: Testing Snort Josh Bitto
Re: (no subject) waldo kitty
Re: Testing Snort Josh Bitto
Re: [barnyard2-users] Logging to the Windows event log Michael Steele
Re: [barnyard2-users] Logging to the Windows event log Michael Steele
Re: Need help in snort rule sandeep mlist

Thursday, 31 January

Re: Real Time Alert and Variables Michael Steele
Problems with installing snort 2.9.4 on centos 6.3 עמית קליינמן
Logging problems on Windows using the -E switch Michael Steele
Re: Real Time Alert and Variables Michael Steele
Re: Logging problems on Windows using the -E switch Todd Wease
Re: Dynamic Preprocessor- packets from established flows Alex Adamos
Re: Dynamic Preprocessor- packets from established flows Todd Wease
Re: Dynamic Preprocessor- packets from established flows Alex Adamos
Re: Testing Snort Jeremy Hoel
Re: Real Time Alert and Variables Justin
Re: Testing Snort JJC
Re: Logging problems on Windows using the -E switch Michael Steele
Snort and SQL on PFsense Josh Bitto
Re: Snort and SQL on PFsense Jeremy Hoel
[HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions Hafez Kamal

Friday, 01 February

Re: Snort and SQL on PFsense Josh Bitto
Re: Snort and SQL on PFsense Jeremy Hoel
Re: Snort and SQL on PFsense Josh Bitto
Re: Snort and SQL on PFsense Josh Bitto
Sourcefire VRT Certified Snort Rules Update 2013-02-01 Research
Snort and SQL database Josh Bitto
Re: Snort and SQL database Jeremy Hoel
Re: Snort and SQL database Josh Bitto
Re: Snort and SQL database Jeremy Hoel
Re: Snort and SQL database waldo kitty

Saturday, 02 February

Hash function for ip 4-tuple Alex Adamos

Sunday, 03 February

About Snort installation Mayur Patil
Snort Prathibha P G
Pulledpork Returning 403 on snortrules-snapshot Dan Rossiter
Re: Pulledpork Returning 403 on snortrules-snapshot Joel Esler
Re: Pulledpork Returning 403 on snortrules-snapshot JJ Cummings

Monday, 04 February

Re: Hash function for ip 4-tuple Kiryukhin Andrey
Re: Hash function for ip 4-tuple Alex Adamos
About Snort installation Mayur Patil
Re: About Snort installation Josh Bitto
About Snort installation Mayur Patil
Re: Hash function for ip 4-tuple Bhagya Bantwal
Barnyard2 schema Josh Bitto
Re: Barnyard2 schema Joel Esler
formatting of variables Michael Brown
Snort Rules 2940 Problem Yeison Camargo

Tuesday, 05 February

DPX linker error Alex Adamos
ERROR: Failed to initialize dynamic preprocessor: SF_GTP (IPV6) version 1.1.1 (-2) Lutfi ODUNCUOGLU
Re: DPX linker error Alex Adamos
Re: Snort Chinmay Mahata
Juniper vulnerability signature coverage? Kungu Panda
Restart snort inline without traffic loss? Andy
Sourcefire VRT Certified Snort Rules Update 2013-02-05 Research
Re: Restart snort inline without traffic loss? Heine Lysemose
ICMP rule triggered by UDP packet Kern, Daniel P. x1449
Re: ICMP rule triggered by UDP packet Castle, Shane

Wednesday, 06 February

Re: Restart snort inline without traffic loss? Andy
Re: Restart snort inline without traffic loss? Y M
Re: Restart snort inline without traffic loss? Mitesh Jadia
Re: Real Time Alert and Variables Nicholas Horton
Re: ICMP rule triggered by UDP packet Kern, Daniel P. x1449
Re: [Snort-users] Restart snort inline without traffic loss? Chinmay Mahata
Snort in Inline Mode on CentOS 6.3 Okeowo, Ayo
Re: Snort in Inline Mode on CentOS 6.3 Y M
New install of Snort on Windows 2008 Erik D. Sciortino
Re: Snort in Inline Mode on CentOS 6.3 Y M
Re: Real Time Alert and Variables Joel Esler
Re: New install of Snort on Windows 2008 Joel Esler
Re: New install of Snort on Windows 2008 Erik D. Sciortino
Re: ERROR: Failed to initialize dynamic preprocessor: SF_GTP (IPV6) version 1.1.1 (-2) waldo kitty
Re: Restart snort inline without traffic loss? waldo kitty
Re: Restart snort inline without traffic loss? waldo kitty
Snort and Barnyard2 Josh Bitto
Re: Snort and Barnyard2 Y M
Re: Snort and Barnyard2 Josh Bitto
Re: Snort and Barnyard2 Y M
Re: Snort and Barnyard2 beenph
Re: Snort and Barnyard2 Josh Bitto
Re: Snort and Barnyard2 Y M
Re: Snort and Barnyard2 Josh Bitto
Re: Snort and Barnyard2 Y M
Re: Snort and Barnyard2 Y M

Thursday, 07 February

DPX linker error Alex Adamos
Huge performance drop for Snort-2.9.4 abed mohammad kamaluddin
Re: DPX linker error Alex Adamos
Re: Real Time Alert and Variables Nicholas Horton
Whitelisting Erik D. Sciortino
Re: Snort and Barnyard2 Josh Bitto
Re: Whitelisting Jeremy Hoel
Re: Real Time Alert and Variables Jeremy Hoel
Re: Snort and Barnyard2 Josh Bitto
Re: Real Time Alert and Variables Lay, James
Updates Josh Bitto
Re: Real Time Alert and Variables Nicholas Horton
Re: Restart snort inline without traffic loss? Andy
Re: Restart snort inline without traffic loss? Joel Esler
Re: Restart snort inline without traffic loss? waldo kitty
Re: Snort and Barnyard2 Josh Bitto
Re: Snort and Barnyard2 beenph
Re: Huge performance drop for Snort-2.9.4 Bhagya Bantwal
Re: Snort and Barnyard2 Josh Bitto
Re: Snort and Barnyard2 Josh Bitto
Sourcefire VRT Certified Snort Rules Update 2013-02-07 Research
Snort rules: TOR Servers David Cottam
Snort rules: Anonymous Proxy David Cottam
Re: Snort rules: TOR Servers Joel Esler

Friday, 08 February

Re: Restart snort inline without traffic loss? Andy
Re: Huge performance drop for Snort-2.9.4 abed mohammad kamaluddin
Re: Restart snort inline without traffic loss? Y M
Re: Restart snort inline without traffic loss? Andy
Re: Restart snort inline without traffic loss? Joel Esler
Re: Restart snort inline without traffic loss? Jeremy Hoel
Re: Restart snort inline without traffic loss? waldo kitty
Re: Restart snort inline without traffic loss? Andy
Re: Restart snort inline without traffic loss? Y M
Sourcefire VRT Certified Snort Rules Update 2013-02-08 Research

Saturday, 09 February

PulledPork not processing Michael Steele
About Snort GUI report:Just missed the result Mayur Patil
Re: Snort rules: Anonymous Proxy Joel Esler

Sunday, 10 February

Re: PulledPork not processing Michael Steele
Re: PulledPork not processing Joel Esler
Re: [Emerging-Sigs] http preprocessor issue (help!) Joel Esler
Re: [Emerging-Sigs] http preprocessor issue (help!) Joel Esler
Re: [Emerging-Sigs] http preprocessor issue (help!) Joel Esler
Re: PulledPork not processing Joel Esler
Re: Updates Joel Esler
Re: PulledPork not processing JJ Cummings
Re: Snort in Inline Mode on CentOS 6.3 Y M
Fwd: Snort in Inline Mode on CentOS 6.3 Okeowo, Ayo
Re: Snort in Inline Mode on CentOS 6.3 Y M
Re: Snort in Inline Mode on CentOS 6.3 Okeowo, Ayo
Re: Snort in Inline Mode on CentOS 6.3 Y M
Re: Snort in Inline Mode on CentOS 6.3 Okeowo, Ayo
Re: Snort in Inline Mode on CentOS 6.3 Okeowo, Ayo
Re: PulledPork not processing Tony Robinson
Re: PulledPork not processing Michael Steele
Re: PulledPork not processing JJ Cummings
DAQ installation error Dhruv Desai

Monday, 11 February

Re: DAQ installation error praveen_recker .
malware-cnc.rules Gaißer , Carmen
Re: malware-cnc.rules Alex McDonnell
Install Snort 2.9 on Mac OSX (Lion) Jessica B
Re: Install Snort 2.9 on Mac OSX (Lion) Jason
Re: Real Time Alert and Variables Martin Holste
Need help with byte_test sandeep mlist

Tuesday, 12 February

Snort 2.9.4.0 on CentOS 5.8 Kaushal Shriyan
Re: Snort 2.9.4.0 on CentOS 5.8 Kaushal Shriyan
Re: Install Snort 2.9 on Mac OSX (Lion) Ray Caparros
Re: Snort 2.9.4.0 on CentOS 5.8 Kaushal Shriyan
Re: Snort 2.9.4.0 on CentOS 5.8 vincent
Re: Snort 2.9.4.0 on CentOS 5.8 vincent
Re: DAQ installation error Dhruv Desai
Re: Need help with byte_test Joel Esler
Re: Real Time Alert and Variables Nicholas Horton
Snort not collecting data after installing pulledpork and running rules update Erik D. Sciortino
Re: Snort 2.9.4.0 on CentOS 5.8 Tony Reusser
WAN and LAN interfaces Josh Bitto
Re: WAN and LAN interfaces Josh Bitto
Integrating ClamAv into Snort Ayodele Okeowo
Re: Snort not collecting data after installing pulledpork and running rules update JJC
Re: WAN and LAN interfaces Josh Bitto
Re: Snort not collecting data after installing pulledpork and running rules update Joel Esler
Re: Need help with byte_test waldo kitty
Re: Integrating ClamAv into Snort waldo kitty
Re: Snort not collecting data after installing pulledpork and running rules update Michael Steele
Re: Integrating ClamAv into Snort Jefferson, Shawn
Re: Integrating ClamAv into Snort Ayodele Okeowo
Re: Integrating ClamAv into Snort Ayodele Okeowo
Re: Integrating ClamAv into Snort Ayodele Okeowo
Re: Need help with byte_test Jeremy Hoel
Re: Integrating ClamAv into Snort Jefferson, Shawn
Re: Need help with byte_test waldo kitty
Quick question about byte_test Jeffrey Stebelton
Re: Integrating ClamAv into Snort Ayodele Okeowo
Re: Integrating ClamAv into Snort Jeremy Hoel
Re: Integrating ClamAv into Snort Ayodele Okeowo
Re: Real Time Alert and Variables Nicholas Horton
Sourcefire VRT Certified Snort Rules Update 2013-02-12 Research
Re: Integrating ClamAv into Snort Joel Esler
Re: Integrating ClamAv into Snort Joel Esler
Re: Need help with byte_test Joel Esler
Re: Integrating ClamAv into Snort Ayodele Okeowo

Wednesday, 13 February

Install Howie
Re: Snort not collecting data after installing pulledpork and running rules update Erik D. Sciortino
Re: Snort not collecting data after installing pulledpork and running rules update Erik D. Sciortino
Re: Snort not collecting data after installing pulledpork and running rules update Erik D. Sciortino
Re: Snort not collecting data after installing pulledpork and running rules update Joel Esler
Re: Integrating ClamAv into Snort Joel Esler
Re: Integrating ClamAv into Snort Ayodele Okeowo
Re: Integrating ClamAv into Snort Joel Esler
Re: Integrating ClamAv into Snort Ayodele Okeowo
snort logging issue J MCN
Re: Snort not collecting data after installing pulledpork and running rules update Erik D. Sciortino
FW: snort logging issue Y M
Snort Question david molina
Re: Snort not collecting data after installing pulledpork and running rules update Michael Steele
Re: Snort not collecting data after installing pulledpork and running rules update Michael Steele
Re: Snort not collecting data after installing pulledpork and running rules update Joel Esler
Re: Snort Question waldo kitty

Thursday, 14 February

Snort 2.9.3 Error when starting Barnyard2 david molina
Snort 2.9.3 Error when starting Barnyard2 david molina
Downloading Snort Rules - Registered User : Weird Behavior Dheeraj Gupta
Snort Noob Question Jeremy Golden
Re: Quick question about byte_test Nathan Benson
Re: Downloading Snort Rules - Registered User : Weird Behavior Joel Esler
Patch to have unified2 outputs for multiple snort instances Guido Hungerbuehler
Re: Patch to have unified2 outputs for multiple snort instances Russ Combs
Snort Segmentation Fault z@@f@r @}{m3D
Re: Snort Segmentation Fault Russ Combs
Re: Snort Segmentation Fault z@@f@r @}{m3D
Sourcefire VRT Certified Snort Rules Update 2013-02-14 Research
Re: Snort Segmentation Fault Russ Combs
Snort and my VLANs Josh Bitto
Re: Snort and my VLANs Y M
Fw: Snort Rules alex dina
Re: Snort and my VLANs Josh Bitto
Re: Snort and my VLANs Josh Bitto
Re: Fw: Snort Rules waldo kitty

Friday, 15 February

Use dyndns to ignore my ip Andy
Re: Snort and my VLANs Joel Esler
Re: Snort and my VLANs Ayodele Okeowo
Re: Patch to have unified2 outputs for multiple snort instances Brad Tilley
Re: Fw: Snort Rules alex dina
Re: Fw: Snort Rules Alex McDonnell
Re: Use dyndns to ignore my ip Kevin Ross
Re: Fw: Snort Rules Ned Moran
Re: Snort and my VLANs Josh Bitto
Re: Snort and my VLANs Ayodele Okeowo
configure options for 2.9.4 John York
Re: configure options for 2.9.4 Russ Combs
Re: Use dyndns to ignore my ip Jefferson, Shawn
Re: Use dyndns to ignore my ip Jeremy Hoel
preprocessor sfportscan does not generate alerts Marc Belanger
Re: Fw: Snort Rules waldo kitty
Re: Use dyndns to ignore my ip waldo kitty
Re: configure options for 2.9.4 waldo kitty
Re: Use dyndns to ignore my ip waldo kitty
Re: Use dyndns to ignore my ip waldo kitty
Re: preprocessor sfportscan does not generate alerts waldo kitty
Re: Use dyndns to ignore my ip Jeremy Hoel
Re: Use dyndns to ignore my ip waldo kitty
Re: Use dyndns to ignore my ip Jeremy Hoel

Monday, 18 February

Snort CPU usage Josh Bitto
Re: preprocessor sfportscan does not generate alerts Marc Belanger
Snort and IM Josh Bitto
Re: Snort and IM Dustin Webber
Re: Snort and IM Josh Bitto
Re: Snort and IM Dustin Webber
Re: Snort and IM Josh Bitto
Re: Snort and IM Josh Bitto
Re: Snort and IM Dustin Webber
Re: Snort and IM Josh Bitto
Re: Snort and IM James Lay
Re: Snort and IM Dustin Webber
Re: Snort and IM Josh Bitto
Problem with Barnyard sending stuff to Mysql Bouchra Badri
Re: preprocessor sfportscan does not generate alerts waldo kitty
Re: Snort and IM waldo kitty
Re: Snort and IM Josh Bitto
Re: Snort and IM Joel Esler
Re: Snort CPU usage Josh Bitto
Re: Snort and IM JJ Cummings
Re: Snort and IM waldo kitty
Re: Snort CPU usage waldo kitty
Re: Snort CPU usage Mike Miller

Tuesday, 19 February

snort daemon to listen to eth2 and eth3 in promiscuous mode Kaushal Shriyan
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Ray Caparros
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Kaushal Shriyan
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Ayodele Okeowo
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Kaushal Shriyan
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Ayodele Okeowo
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Kaushal Shriyan
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Ayodele Okeowo
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Ayodele Okeowo
Recommended daq pcap bpf buffer size? elof
Bad performance x 2 when using net.bpf.zerocopy_enable=1 on FreeBSD 9.1 elof
Re: Snort CPU usage Josh Bitto
Remove outside from mailing list Vo Van Pho
Re: Remove outside from mailing list Vo Van Pho
network interface Muteb Alqahtani
Re: Snort CPU usage Josh Bitto
Mandiant APT1 Report James Lay
Re: network interface Josh Bitto
Test traffic Yonas Abebe
Re: Test traffic Josh Bitto
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Kaushal Shriyan
Re: Test traffic Heine Lysemose
Cannot get alert from dynamic_example preprocessor in output Андрей Меньков
Re: Bad performance x 2 when using net.bpf.zerocopy_enable=1 on FreeBSD 9.1 Victor Roemer
Re: Cannot get alert from dynamic_example preprocessor in output Victor Roemer
Re: Mandiant APT1 Report Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-02-19 Research
Good Snort Writing Post James Lay
Re: Test traffic Tony Robinson
stream5 prune_log_max fix Gregory S Thomas
Re: Test traffic Jason Wallace
Re: Cannot get alert from dynamic_example preprocessor in output Андрей Меньков
Re: Cannot get alert from dynamic_example preprocessor in output Андрей Меньков

Wednesday, 20 February

Re: [Snort-devel] Bad performance x 2 when using net.bpf.zerocopy_enable=1 on FreeBSD 9.1 elof
403 Error when attempting to pull rules using Pulled-Pork Tamara Fisher
Re: 403 Error when attempting to pull rules using Pulled-Pork Joel Esler
snort rules to detect user and software trespass Hamid Ghanbari
Recent changes to SNORT 2.9.4.0 rulesets regarding PCRE syntax. Robert Cotter
Help With Assignment Jeremy Golden
Problem showing traffic on BASE Bouchra Badri
Re: 403 Error when attempting to pull rules using Pulled-Pork Tamara Fisher
Re: 403 Error when attempting to pull rules using Pulled-Pork Joel Esler
Sig for 0 day browser java plugin? Miguel Alvarez
FW: Recent changes to SNORT 2.9.4.0 rulesets regarding PCRE syntax. Stark, Vernon L.
SNORT Installed properly But not Logging alerts ARUN PUSHKAR
SNORT-2.9.4 Installed properly but NOT Logging ALERTS ARUN PUSHKAR
Re: SNORT Installed properly But not Logging alerts Dustin Webber
global threshold does not work on certain file-identity rules Clement Chen
Re: [Snort-devel] Bad performance x 2 when using net.bpf.zerocopy_enable=1 on FreeBSD 9.1 Victor Roemer
Re: Recent changes to SNORT 2.9.4.0 rulesets regarding PCRE syntax. Robert Cotter
Re: [Emerging-Sigs] Mandiant APT1 Report Christopher Granger
Re: Help With Assignment waldo kitty
Re: Recent changes to SNORT 2.9.4.0 rulesets regarding PCRE syntax. Joel Esler

Thursday, 21 February

Daemonlogger is not available C. L. Martinez
Problem with output file Quentin Vallin
Re: Bad performance x 2 when using net.bpf.zerocopy_enable=1 on FreeBSD 9.1 elof
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Kaushal Shriyan
Re: SNORT Installed properly But not Logging alerts ARUN PUSHKAR
Re: Daemonlogger is not available Joel Esler
Re: Problem with output file Quentin Vallin
Re: snort daemon to listen to eth2 and eth3 in promiscuous mode Ayodele Okeowo
Re: Snort 2.9.4.0 on CentOS 5.8 Kaushal Shriyan
Re: Snort 2.9.4.0 on CentOS 5.8 beenph
Re: Recent changes to SNORT 2.9.4.0 rulesets regarding PCRE syntax. Joel Esler
Re: Daemonlogger is not available Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-02-21 Research
Sourcefire VRT Certified Snort Rules Update 2013-02-21 Research
Windows - Logging events to Application Log gets error Michael Steele

Friday, 22 February

newbie question about pass and alert directive .
Re: Problem with output file Johnny Venter
Re: newbie question about pass and alert directive waldo kitty
Assistance registering on snort.org - confirmation mail was refused by my server Marcio Merlone
Re: Assistance registering on snort.org - confirmation mail was refused by my server Joel Esler
Anomaly-detection dynamic preprocessor Андрей Меньков
Re: newbie question about pass and alert directive Jason Wallace

Saturday, 23 February

Re: newbie question about pass and alert directive waldo kitty
Problem with acquiring traffic Alex Adamos
Re: Problem with acquiring traffic waldo kitty
Re: Problem with acquiring traffic Alex Adamos
Re: Problem with acquiring traffic Alex Adamos

Monday, 25 February

Errors updating snort rules this morning C. L. Martinez
Re: Problem with output file Quentin Vallin
Rule download fails Guido Hungerbuehler
Re: Rule download fails C. L. Martinez
Re: Rule download fails Peter Bates
Re: Rule download fails Joel Esler
Re: preprocessor sfportscan does not generate alerts johnny.venter
Re: [Emerging-Sigs] Touched by a proxy: thoughts on urilen? Joel Esler
Packet Drop in Preprocessor Yoshimasa Obana
Re: Problem with acquiring traffic Alex Adamos
Re: Anomaly-detection dynamic preprocessor Андрей Меньков
Re: Anomaly-detection dynamic preprocessor Stephen Reese
Using a var in the conf and local rules honeybadger
Re: preprocessor sfportscan does not generate alerts waldo kitty
Re: Using a var in the conf and local rules waldo kitty
Re: Using a var in the conf and local rules Lay, James
Re: Using a var in the conf and local rules Lay, James
Re: Using a var in the conf and local rules Joel Esler
Re: Using a var in the conf and local rules Stephen Mintz
Re: Using a var in the conf and local rules JJ Cummings
Default Snort Rules Document Retention
Re: Default Snort Rules Joel Esler
Re: Using a var in the conf and local rules Joel Esler
Public Blacklist usage? Michael Steele
Re: Public Blacklist usage? Joel Esler
Re: Public Blacklist usage? Joel Esler
Re: Public Blacklist usage? Jeff Kell
[PATCH] DAQ IPFW module packet injection fix Lawrence Teo
Error Prathibha P G

Tuesday, 26 February

Re: [PATCH] DAQ IPFW module packet injection fix Hui Cao
SNORT PARALLELIZATION SECURITY ISSUES Amtul Saboor
Re: [Emerging-Sigs] Touched by a proxy: thoughts on urilen? L0rd Ch0de1m0rt
Re: Error Joel Esler
DAQ documentation and DPDK Eddie Harari
How does Snort implement PCRE (?C callout functionality in snort rule? Shields, Joseph (NIH/NIEHS) [C]
snort and http_inspect Ruyk
Re: snort and http_inspect Joel Esler
Re: snort and http_inspect Smit Smit

Wednesday, 27 February

snort as windows as service and logging to the windows event log snort
Re: snort and http_inspect Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-02-27 Research
Snort Version 2.9.4-WIN32 GRE (Build 40) on Windows 7 fails with the Error: Failed to parse the IP address: HORNER, LARRY J
Re: Snort Version 2.9.4-WIN32 GRE (Build 40) on Windows 7 fails with the Error: Failed to parse the IP address: waldo kitty

Thursday, 28 February

About make command error Mayur Patil
Re: About make command error waldo kitty
Front-end Ben Weber
Re: Front-end Dustin Willis Webber
snort ip change breaks detection ntbuck12
Sourcefire VRT Certified Snort Rules Update 2013-02-28 Research
Re: snort ip change breaks detection Joel Esler
BPF filter syntax Eric G
Snort Question Jeremy Golden
Re: Front-end Doug Burks

Friday, 01 March

Re: BPF filter syntax Joel Esler
Re: About make command error Mayur Patil
Snort doesn't write unified2 files as expected Mario Lupino
Re: Snort doesn't write unified2 files as expected Joel Esler
Re: About make command error Mayur Patil
Snort Processes randonly dies Avery Rozar
Re: Snort doesn't write unified2 files as expected Avery Rozar
Re: Snort Processes randonly dies Hui Cao
help add rule while snort is running Prabhudev Avarasang
Re: help add rule while snort is running James Lay
MiniDuke sigs? James Lay
Re: About make command error Hui Cao
Re: Front-end Joel Esler
Re: MiniDuke sigs? Joel Esler
Re: MiniDuke sigs? James Lay
Re: Snort Processes randonly dies Avery Rozar
Re: help add rule while snort is running waldo kitty

Saturday, 02 March

Re: About make command error Mayur Patil
Re: About make command error waldo kitty

Monday, 04 March

Running Snort from User Account Tamara Fisher
Re: Snort Processes randonly dies Avery Rozar
Re: Running Snort from User Account Joel Esler
More APT1 info that needs to be made into snort rules Barry Weymes
Re: More APT1 info that needs to be made into snort rules Joel Esler
How To Use Snort As An IDS GABRIEL OLADIPUPO
Rules across tcp headers & http headers/payload Andy Richards
Snort as a predefined PID Avery Rozar
Re: Running Snort from User Account Michael J Wise
Re: Rules across tcp headers & http headers/payload waldo kitty
Re: How To Use Snort As An IDS waldo kitty
Re: Snort as a predefined PID waldo kitty
Re: Rules across tcp headers & http headers/payload lists () packetmail net
Re: Snort Processes randonly dies Hui Cao
Re: Snort as a predefined PID Avery Rozar
Re: Snort Processes randonly dies Avery Rozar
Re: Snort Processes randonly dies Hui Cao
SSH preprocessor Philip Edwards
DNS Query for .su TLD (Soviet Union) James

Tuesday, 05 March

Re: Rules across tcp headers & http headers/payload Andy Richards
Snort 2.9.4.1 Now Available Snort Releases
Snort 2.9.4.1 Now Available Snort Releases
Monitor the transfer of files on Skype or other messaging software. Aisling Brennan
Re: Rules across tcp headers & http headers/payload lists () packetmail net
Re: DNS Query for .su TLD (Soviet Union) waldo kitty
Funky packets James Lay
Sourcefire VRT Certified Snort Rules Update 2013-03-05 Research
Re: Monitor the transfer of files on Skype or other messaging software. Joel Esler
Snort sending mail with alerts in real-time Jeronimo L. Cabral
Snort distributions Alejandro Cabrera Obed
Snort, SCADA and DigitalBond Andrea Modesto Rossi
Re: Snort distributions Heine Lysemose
Re: Snort, SCADA and DigitalBond Joel Esler
Safe browsing and proxies Aisling Brennan
Add Data Into New Tables waseem sarwar
Re: Add Data Into New Tables Joel Esler
Re: Safe browsing and proxies Miller - CDLE, Michael
Setting Snort policy_mode Ricky Huang
Re: Setting Snort policy_mode Ricky Huang
[PATCH] Allow Snort to run as non-root with IPFW DAQ Lawrence Teo
Re: Add Data Into New Tables waseem sarwar
Re: Add Data Into New Tables waseem sarwar

Wednesday, 06 March

Exists some problem to download rules?? C. L. Martinez
Re: Snort distributions Jaime Nebrera
Re: Exists some problem to download rules?? Joel Esler
Re: Exists some problem to download rules?? C. L. Martinez
Re: Snort distributions Alejandro Cabrera Obed
Re: Exists some problem to download rules?? Joel Esler
Re: Snort distributions Jaime Nebrera
Re: Snort distributions Doug Burks
Re: Snort distributions Jon M
Re: Exists some problem to download rules?? C. L. Martinez
Re: [PATCH] Allow Snort to run as non-root with IPFW DAQ Todd Wease
Re: Exists some problem to download rules?? Joel Esler
Re: Snort distributions Joel Esler
Snort in Grid Computing Prathibha P G
Does Snort support country blocking Ricky Huang
Re: Does Snort support country blocking JJC
Testing Snort functionality, or, how do I know if Snort really works? Ricky Huang
Re: Does Snort support country blocking Ricky Huang
Re: Does Snort support country blocking Jaime Nebrera
Re: Does Snort support country blocking JJC
Re: Testing Snort functionality, or, how do I know if Snort really works? JJC
Re: Does Snort support country blocking Ricky Huang
Re: Testing Snort functionality, or, how do I know if Snort really works? Ricky Huang
Re: Does Snort support country blocking JJC
Re: Testing Snort functionality, or, how do I know if Snort really works? JJC
Re: Snort distributions Livio Ricciulli
New install questions. Sallee, Stephen (Jake)
Re: New install questions. Heine Lysemose
Re: New install questions. Joel Esler
Re: New install questions. Doug Burks
Vendor Disclosure and plugging Joel Esler
"Adapter is in Passive Mode" Warning Ricky Huang
Re: New install questions. Sallee, Stephen (Jake)
Snort doc error (?) - rule option not optional? Ricky Huang
Re: New install questions. Greg Williams
Re: New install questions. Sallee, Stephen (Jake)
Re: Snort distributions Alejandro Cabrera Obed
no IDS logs from snort Kevin Thomas

Thursday, 07 March

Tagged Packet in the new snort? Yossi
Re: Snort distributions Jaime Nebrera
PulledPork New Snort Categories Tamara Fisher
Re: PulledPork New Snort Categories Tamara Fisher
Re: PulledPork New Snort Categories Justin Knox
UDP on port 6667 Aisling Brennan
Re: UDP on port 6667 JJC
Re: UDP on port 6667 lists () packetmail net
Re: no IDS logs from snort James Lay
Re: New install questions. Greg Williams
Re: New install questions. Sallee, Stephen (Jake)
Re: PulledPork New Snort Categories Joel Esler
Re: PulledPork New Snort Categories JJC
Snort rule for a pattern match? Shields, Joseph (NIH/NIEHS) [C]
FW: Snort rule for a pattern match? Shields, Joseph (NIH/NIEHS) [C]
Sourcefire VRT Certified Snort Rules Update 2013-03-07 Research
Signature for bridging protocols Juan Camilo Valencia
Snort rules problem Tural Nazirov

Friday, 08 March

Re: "Adapter is in Passive Mode" Warning Ricky Huang
Re: Snort rules problem Y M
Re: "Adapter is in Passive Mode" Warning Y M
Re: Snort doc error (?) - rule option not optional? Y M
Re: Snort Pattern alghoritm Asiri Rathnayake
Mis-Matching traffic with PCRE Rules waseem sarwar
Re: Snort Pattern alghoritm Todd Wease
Re: Mis-Matching traffic with PCRE Rules Joel Esler
Re: Mis-Matching traffic with PCRE Rules waseem sarwar
Re: Snort rules problem Joel Esler
Re: Mis-Matching traffic with PCRE Rules Todd Wease
Re: Snort rules problem Y M
Re: Snort doc error (?) - rule option not optional? Russ Combs
Re: "Adapter is in Passive Mode" Warning Russ Combs
Re: Snort doc error (?) - rule option not optional? Ricky Huang
Re: Snort doc error (?) - rule option not optional? Russ Combs
Re: Snort doc error (?) - rule option not optional? Ricky Huang
Can't start DAQ (-1) - ipfw_daq_start: can't create divert socket Ricky Huang
Re: Can't start DAQ (-1) - ipfw_daq_start: can't create divert socket Lawrence Teo
Re: Mis-Matching traffic with PCRE Rules Joshua Kinard
Re: no IDS logs from snort Kevin Thomas

Saturday, 09 March

Re: no IDS logs from snort Ray Caparros
Re: no IDS logs from snort waldo kitty
Error initializing rule chains Jim Turner
Re: Error initializing rule chains waldo kitty
CPU and RAM planning tool Sallee, Stephen (Jake)

Sunday, 10 March

Re: CPU and RAM planning tool Joel Esler
Signature for bridging protocols Juan Camilo Valencia
Re: CPU and RAM planning tool Sallee, Stephen (Jake)
Re: CPU and RAM planning tool Sallee, Stephen (Jake)
snort.conf has been deleted ali hamza

Monday, 11 March

startup error on with blacklist rules Jim Turner
Re: startup error on with blacklist rules Joel Esler
Re: no IDS logs from snort Kevin Thomas
Re: New install questions. Gregory W. MacPherson
Rule Snort Ping Flood yayantritaryana
Re: snort.conf has been deleted Joel Esler
Re: Rule Snort Ping Flood Joel Esler
Re: no IDS logs from snort waldo kitty
Re: no IDS logs from snort waldo kitty
Snort with Kiwi Sys Log Jeremy Golden
Re: no IDS logs from snort Kevin Thomas
Re: Snort with Kiwi Sys Log Greg Williams
Re: no IDS logs from snort Ray Caparros
Re: no IDS logs from snort Joel Esler
Snort log: Source MAC address record Ayodele Okeowo
Re: startup error on with blacklist rules Jim Turner
Re: Snort log: Source MAC address record Y M
Re: Snort log: Source MAC address record Ayodele Okeowo
Re: no IDS logs from snort waldo kitty
Re: Can't start DAQ (-1) - ipfw_daq_start: can't create divert socket Ricky Huang
Questions with this Snort IPS setup Ricky Huang
Error app-detect.rules (18) Unknown ClassType: Jim Turner
Re: Error app-detect.rules (18) Unknown ClassType: Jim Turner

Tuesday, 12 March

help me manel affi
botnets Pratik Narang
BASE 100% TCP ? Joao Daniel Neves
Still trying to build this box Jim Turner
syslog problems persist ntbuck12
Re: Still trying to build this box James Lay
Re: Still trying to build this box Jim Turner
Re: Questions with this Snort IPS setup waldo kitty
Re: Error app-detect.rules (18) Unknown ClassType: waldo kitty
Re: Still trying to build this box waldo kitty
Re: Still trying to build this box Jim Turner
Rule assist James Lay
Re: Can't start DAQ (-1) - ipfw_daq_start: can't create divert socket Russ Combs
Creating Your Own Snort Rule? Jeremy Golden
Re: Error app-detect.rules (18) Unknown ClassType: Joel Esler
Re: Still trying to build this box waldo kitty
Re: Creating Your Own Snort Rule? waldo kitty
Re: message Chamila Garusinghe
Re: Can't start DAQ (-1) - ipfw_daq_start: can't create divert socket Ricky Huang
Re: Creating Your Own Snort Rule? Jeremy Hoel
Re: Questions with this Snort IPS setup Ricky Huang
Re: BASE 100% TCP ? Jeremy Hoel
Sourcefire VRT Certified Snort Rules Update 2013-03-12 Research
Re: Still trying to build this box Jim Turner
Re: BASE 100% TCP ? Mike Miller
Re: Rule assist rmkml
Re: Rule assist rmkml
Re: Rule assist Nathan Benson
Re: Rule assist James Lay
PCAP and Snort for Windows Jim Turner
Re: Rule assist Joel Esler
Re: PCAP and Snort for Windows Joel Esler
Re: Creating Your Own Snort Rule? waldo kitty
config files for 2.9.4.1 Gregory S Thomas
Re: config files for 2.9.4.1 Joel Esler

Wednesday, 13 March

Is Ipv6 Support in Snort Complete ? Prabhakaran Kasinathan
Bug in stream5 global - prune_log_max <bytes> elof
stream5 and track_icmp elof
Unified2 logging bug in snort 2.9.4 (Build 40) elof
Errors after upgrade to 2.9.4.1 Alexander Grüner
Using Snort in Virtual Machines with PF_RING Ayodele Okeowo
Re: Errors after upgrade to 2.9.4.1 waldo kitty
Re: syslog problems persist [SOLVED] ntbuck12
Re: BASE 100% TCP ? Joao Daniel Neves
rule creation Leonardo Pezente
Re: rule creation JJC
Re: rule creation Jeremy Hoel
Re: rule creation JJ Cummings
Re: Using Snort in Virtual Machines with PF_RING Ayodele Okeowo
Rule question.. SID 1:1000103 Jeremy Hoel
Re: Is Ipv6 Support in Snort Complete ? Joel Esler
Re: Bug in stream5 global - prune_log_max <bytes> Gregory S Thomas
Re: Unified2 logging bug in snort 2.9.4 (Build 40) Bhagya Bantwal
Re: Bug in stream5 global - prune_log_max <bytes> Bhagya Bantwal
Re: Rule question.. SID 1:1000103 waldo kitty
Re: Rule question.. SID 1:1000103 Jeremy Hoel

Thursday, 14 March

Re: Errors after upgrade to 2.9.4.1 Alexander Grüner
sid-msg.map Johnny Venter
Re: sid-msg.map Jeremy Hoel
Sourcefire VRT Certified Snort Rules Update 2013-03-14 Research
Re: sid-msg.map beenph
Snort only working on one side of traffic and no flow Harley H
Sourcefire VRT Certified Snort Rules Update 2013-03-14 Research
Segmentation Fault After Rule Update Stark, Vernon L.
Re: Segmentation Fault After Rule Update Joel Esler
Re: Segmentation Fault After Rule Update Stark, Vernon L.
Re: Segmentation Fault After Rule Update Joel Esler
Re: Errors after upgrade to 2.9.4.1 waldo kitty

Friday, 15 March

bug in sfutil/sfrt.c Mitesh Jadia
Re: bug in sfutil/sfrt.c Joel Esler
Re: Unified2 logging bug in snort 2.9.4 (Build 40) elof
hey! 黃 huang
Re: Snort only working on one side of traffic and no flow Bhagya Bantwal

Saturday, 16 March

help snort Quoc tuan Pham
question for snort flow established zhaojunling_20
problems in snort installing. Mohammad MontazerI
Re: question for snort flow established waldo kitty
Re: problems in snort installing. waldo kitty
Re: stream5 and track_icmp Joel Esler
Re: question for snort flow established zhaojunling_20
Re: question for snort flow established zhaojunling_20

Sunday, 17 March

Re: problems in snort installing. waldo kitty
Re: question for snort flow established zhaojunling_20
Re: question for snort flow established zhaojunling_20
help snort 2.9.4 Bảo Gió

Monday, 18 March

Re: help snort 2.9.4 Heine Lysemose
403 error :( ali hamza
Re: 403 error :( Heine Lysemose
Syslog Help Kevin Ross
Non-root user for DAQ nfq Chinmay Mahata
Re: Syslog Help Peter Bates
HA feature available for Snort NIDS/NIPS Engine Kaushal Shriyan
Hardware Requirement for Snort NIDS/NIPS Engine Kaushal Shriyan
Re: Hardware Requirement for Snort NIDS/NIPS Engine Joel Esler
Re: HA feature available for Snort NIDS/NIPS Engine Joel Esler
Re: Syslog Help Joel Esler
Re: HA feature available for Snort NIDS/NIPS Engine Mike Becker
Re: HA feature available for Snort NIDS/NIPS Engine Kevin Ross
Re: question for snort flow established waldo kitty
Re: Syslog Help Kevin Ross
Re: question for snort flow established waldo kitty
Re: 403 error :( waldo kitty
Re: question for snort flow established JJ Cummings
Re: question for snort flow established Joel Esler
Easy way to output alert and Hex+ASCII pcap data? Mike Cox
Re: Easy way to output alert and Hex+ASCII pcap data? Joel Esler
Re: Easy way to output alert and Hex+ASCII pcap data? waldo kitty
Re: question for snort flow established waldo kitty
Re: question for snort flow established Joel Esler
Re: Easy way to output alert and Hex+ASCII pcap data? Mike Cox
Re: HA feature available for Snort NIDS/NIPS Engine Mike Miller
Re: question for snort flow established Jason
Re: question for snort flow established waldo kitty
Re: problems in snort installing. Mohammad MontazerI
Re: problems in snort installing. JJC

Tuesday, 19 March

Re: 403 error :( ali hamza
Fw: problems in snort installing. Mohammad MontazerI
Re: Fw: problems in snort installing. Joel Esler
Re: 403 error :( Joel Esler
Re: Fw: problems in snort installing. Mohammad MontazerI
Re: problems in snort installing. Mike Miller
Re: sid-msg.map johnny.venter
Re: Fw: problems in snort installing. Joel Esler
Re: sid-msg.map Joel Esler
Re: sid-msg.map Y M
Re: Unified2 logging bug in snort elof
Re: problems in snort installing. Mohammad MontazerI
Re: problems in snort installing. Joel Esler
Re: problems in snort installing. Joel Esler
Re: problems in snort installing. Mohammad MontazerI
Re: problems in snort installing. JJC
Re: problems in snort installing. Mohammad MontazerI
Re: Syslog Help beenph
Writing a "not" snort rule ntbuck12
Re: Writing a "not" snort rule JJC
Re: Writing a "not" snort rule ntbuck12
null ports in snort database palestine group
Re: Automatically decoding of Teredo traffic L0rd Ch0de1m0rt
About Snort Inline Tural Nazirov
Sourcefire VRT Certified Snort Rules Update 2013-03-19 Research
Re: problems in snort installing. Joel Esler
Re: problems in snort installing. Mohammad MontazerI
Re: About Snort Inline JJC
Re: problems in snort installing. Joel Esler
Alert file Mohammad MontazerI

Wednesday, 20 March

Re: Alert file Ricky Huang
Re: Alert file salawank
Re: Alert file Mohammad MontazerI
Re: Alert file Mohammad MontazerI
Re: Syslog Help Kevin Ross
Re: Syslog Help beenph
Re: Automatically decoding of Teredo traffic Russ Combs
Options installed in the snort binary annie.st-germain
Re: Automatically decoding of Teredo traffic L0rd Ch0de1m0rt
Re: Automatically decoding of Teredo traffic Joel Esler
Question About Threshholds Miso Patel
Re: Automatically decoding of Teredo traffic L0rd Ch0de1m0rt
Re: problems in snort installing. waldo kitty
Re: Alert file waldo kitty
Re: Alert file waldo kitty
Re: Alert file Mohammad MontazerI
Re: Question About Threshholds Alex Kirk
Re: Unknown ClassType 严骞

Thursday, 21 March

Sourcefire VRT Certified Snort Rules Update 2013-03-21 Research
Re: Alert file waldo kitty
Re: Unknown ClassType waldo kitty
Re: botnets Pratik Narang
Re: botnets Livio Ricciulli

Friday, 22 March

Snort.org Blog: VRT Rule License Change v2.0 Joel Esler
Alarm rule specific to a network session Knut Borg
Re: Alarm rule specific to a network session Joel Esler
Re: Snort.org Blog: VRT Rule License Change v2.0 lists () packetmail net
Re: botnets John York
Re: botnets Joel Esler
Re: botnets Livio Ricciulli
Errors installing SNORT 2.9 to SuSE Linux 12.2 - rpm or tar.gz Kurt Jensen CISSP
Re: Errors installing SNORT 2.9 to SuSE Linux 12.2 - rpm or tar.gz Joel Esler
Recommended hardware for running snort in packet logging mode on home network proxy? John Michael Kane
Re: Recommended hardware for running snort in packet logging mode on home network proxy? Mike Miller

Saturday, 23 March

Re: Unified2 logging bug in snort elof
Re: Recommended hardware for running snort in packet logging mode on home network proxy? Greg Williams
Reverse shell connections Aisling Brennan
Re: Errors installing SNORT 2.9 to SuSE Linux 12.2 - rpm or tar.gz Kurt Jensen CISSP
Re: Reverse shell connections waldo kitty

Sunday, 24 March

Using pulled pork to change rule state from alert to drop for a policy type Tony Robinson
Re: Using pulled pork to change rule state from alert to drop for a policy type Joel Esler
Unable to access Ruleset of 21 March Y M
Re: Unable to access Ruleset of 21 March Joel Esler
Snort Rules Josh Bitto
Re: Snort Rules Joel Esler
Re: Snort Rules Mayur Patil
Re: botnets Pratik Narang
Re: botnets Gregory Pendergast
Re: botnets salawank

Monday, 25 March

Reverse shell Aisling Brennan
Re: Reverse shell Jamie Riden
Sensor Location Phil Daws
About DAQ error Mayur Patil
Re: Using pulled pork to change rule state from alert to drop for a policy type Yossi Nachum
Re: Using pulled pork to change rule state from alert to drop for a policy type JJC
Re: Reverse shell Castle, Shane
Re: Using pulled pork to change rule state from alert to drop for a policy type waldo kitty
Re: deny default outbound (was Reverse shell) Bennett Todd
Re: deny default outbound (was Reverse shell) Castle, Shane
Re: deny default outbound (was Reverse shell) Bennett Todd
Logging - A easy way ? Joao Daniel Neves
Re: Logging - A easy way ? Jeremy Hoel
(no subject) alex dina
Re: Logging - A easy way ? Joao Daniel Neves
Re: (no subject) lists () packetmail net
Re: Logging - A easy way ? Jeremy Hoel

Tuesday, 26 March

best suited linux distro for snort? ali hamza
Re: Snort Rules Kurt Jensen CISSP
Re: Logging - A easy way ? Joao Daniel Neves
Re: Logging - A easy way ? Michael Steele
Snort Alert[1:16482:8] Kee, Scott
Re: Snort Alert[1:16482:8] Castle, Shane
Re: Snort Alert[1:16482:8] Michael Steele
Re: Snort Alert[1:16482:8] James Lay
Re: best suited linux distro for snort? Gregory W. MacPherson
Re: Snort Alert[1:16482:8] Kee, Scott
Re: best suited linux distro for snort? Jeremy Hoel
Re: Logging - A easy way ? Jeremy Hoel
Sourcefire VRT Certified Snort Rules Update 2013-03-26 Research
Re: Snort rule for a pattern match? Shields, Joseph (NIH/NIEHS) [C]
Blocking ip's with snort blacklist Dmitry Korzhevin
Re: Blocking ip's with snort blacklist Jeremy Hoel
Re: Blocking ip's with snort blacklist Joel Esler
Re: Snort rule for a pattern match? Joel Esler
Re: best suited linux distro for snort? Joel Esler
Re: Snort rule for a pattern match? Jamie Riden
Re: best suited linux distro for snort? Doug Burks
Re: best suited linux distro for snort? Jeremy Hoel
Re: Blocking ip's with snort blacklist Dmitry Korzhevin
Re: Snort rule for a pattern match? Lay, James
Re: Snort rule for a pattern match? Shields, Joseph (NIH/NIEHS) [C]
Re: Automatically decoding of Teredo traffic L0rd Ch0de1m0rt
Re: best suited linux distro for snort? Ray Caparros
Re: best suited linux distro for snort? Joel Esler
Re: Automatically decoding of Teredo traffic Joel Esler
Re: Blocking ip's with snort blacklist Joel Esler
Re: Snort Alert[1:16482:8] waldo kitty
Re: Blocking ip's with snort blacklist waldo kitty
Re: Snort Alert[1:16482:8] Alex Kirk
Re: best suited distro for snort? Mohammad MontazerI

Wednesday, 27 March

ERROR: parser.c(5302) ali hamza
Re: best suited distro for snort? Jeremy Hoel
SDF Triggering Phil Daws
Snort alert Quentin Vallin
Re: Logging - A easy way ? Joao Daniel Neves
Output: CSV and interface Phil Daws
Re: Output: CSV and interface beenph
Re: Snort rule for a pattern match? Lay, James
Re: Snort rule for a pattern match? lists () packetmail net
Snort.org Blog: The Sourcefire VRT Community ruleset is live! Joel Esler
Re: Snort rule for a pattern match? Shields, Joseph (NIH/NIEHS) [C]
Re: Snort rule for a pattern match? Shields, Joseph (NIH/NIEHS) [C]
Re: Snort rule for a pattern match? lists () packetmail net
Re: Snort rule for a pattern match? Joel Esler
Re: Logging - A easy way ? Jeremy Hoel
Re: Snort alert Ricky Huang
DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: DAQ 2.0.0 Error with 2.9.4.1 Nicholas Horton
Re: Using pulled pork to change rule state from alert to drop for a policy type Tony Robinson
Re: Snort Alert[1:16482:8] Kee, Scott

Thursday, 28 March

Re: Snort alert Quentin Vallin
Any signtures snort or emerging for these threats? Aisling Brennan
general questions Mohammad MontazerI
PP and community rules Lay, James
Re: PP and community rules Phil Daws
Re: PP and community rules Joel Esler
Re: PP and community rules Lay, James
Snort alert file missing? Nicholas Bogart
Re: Snort alert file missing? Joel Esler
Re: Snort alert file missing? elof
Re: general questions Ricky Huang
Re: Any signtures snort or emerging for these threats? lists () packetmail net
Sourcefire VRT Certified Snort Rules Update 2013-03-28 Research
Re: ERROR: parser.c(5302) waldo kitty
Re: Snort alert waldo kitty

Friday, 29 March

User add in centOs Mohammad MontazerI
Re: User add in centOs Mark W. Jeanmougin
Re: Reverse shell connections Peter Bates
Re: Automatically decoding of Teredo traffic L0rd Ch0de1m0rt
Snort Greg Martin
Re: general questions Mohammad MontazerI
Re: general questions Heine Lysemose
snort-2.9.4.1 startup message: Can't start DAQ (-1) .. Fatal Error, Quitting.. Maple Thorpe
Re: Snort Michael D. Wood
Re: general questions Mohammad MontazerI
Re: Reverse shell connections waldo kitty
Re: general questions Jeremy Hoel
Re: general questions Mohammad MontazerI
Re: general questions Jeremy Hoel
Re: general questions waldo kitty
Re: general questions waldo kitty
Re: general questions Mohammad MontazerI
Re: general questions waldo kitty
Re: general questions Jeremy Hoel
Re: general questions waldo kitty
Re: general questions waldo kitty
Re: general questions Mohammad MontazerI

Saturday, 30 March

Re: general questions Jeremy Hoel
Problem with sensitive-data:email addresses rule Gregory Pendergast
Community Ruleset Clarification Michael Steele
Re: Community Ruleset Clarification Joel Esler
Re: Community Ruleset Clarification Michael Steele
Re: Problem with sensitive-data:email addresses rule waldo kitty
Re: Problem with sensitive-data:email addresses rule waldo kitty