Snort mailing list archives
Re: Snort Alert [1:1000001:1]
From: Jeremy Hoel <jthoel () gmail com>
Date: Wed, 19 Feb 2014 13:24:21 -0700
This looks like a custom rule that you wrote ( the SID is not a normal one, check local.rules) and the problem is that the sid map didn't get updated, probably because you don't run a rule management tool; pulledpork for example? On Wed, Feb 19, 2014 at 12:02 PM, Angel Chiriboga Torres < angel.chiriboga () e-govsolutions net> wrote:
Hi everyone, I need your help with a problem with Snort. All the events appear like the following picture. Why events look this way? How I can fix them? Please, I wait your response as soon as possible. Thanks. Regards. -- Ángel Chiriboga Torres *IT Security Specialist* *EGOVERMENT SOLUTIONS S.A.* E-mail: *angel.chiriboga () e-govsolutions net <angel.chiriboga () e-govsolutions net>* Web: http://www.e-govsolutions.net Celular: +593-995093859 Skype: angelctorres *P* *No imprima este mail a menos que sea absolutamente necesario* *Save a tree, don´t print this e-mail unless it´s really necessary* ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Alert [1:1000001:1] Angel Chiriboga Torres (Feb 19)
- Re: Snort Alert [1:1000001:1] Jeremy Hoel (Feb 19)
- Re: Snort Alert [1:1000001:1] Michael Brown (Feb 19)
- Re: Snort Alert [1:1000001:1] Jeremy Hoel (Feb 19)