Snort mailing list archives
Re: Snort Alert [1:1000001:1]
From: Michael Brown <mike.a.brown09 () gmail com>
Date: Wed, 19 Feb 2014 16:03:30 -0500
Normally that is created to test snort after you configure and set it up for the first time. --- Thank you, Michael A. Brown mike.a.brown09 () gmail com (757) 912-0836 M.S. Forensic Studies: Computer Forensics B.S. Information Technology: Network Specialist "The only thing necessary for the triumph of evil is for good men to do nothing" -Edmund Burke On Wed, Feb 19, 2014 at 3:24 PM, Jeremy Hoel <jthoel () gmail com> wrote:
This looks like a custom rule that you wrote ( the SID is not a normal one, check local.rules) and the problem is that the sid map didn't get updated, probably because you don't run a rule management tool; pulledpork for example? On Wed, Feb 19, 2014 at 12:02 PM, Angel Chiriboga Torres < angel.chiriboga () e-govsolutions net> wrote:Hi everyone, I need your help with a problem with Snort. All the events appear like the following picture. Why events look this way? How I can fix them? Please, I wait your response as soon as possible. Thanks. Regards. -- Ángel Chiriboga Torres *IT Security Specialist* *EGOVERMENT SOLUTIONS S.A.* E-mail: *angel.chiriboga () e-govsolutions net <angel.chiriboga () e-govsolutions net>* Web: http://www.e-govsolutions.net Celular: +593-995093859 Skype: angelctorres *P* *No imprima este mail a menos que sea absolutamente necesario* *Save a tree, don´t print this e-mail unless it´s really necessary* ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Alert [1:1000001:1] Angel Chiriboga Torres (Feb 19)
- Re: Snort Alert [1:1000001:1] Jeremy Hoel (Feb 19)
- Re: Snort Alert [1:1000001:1] Michael Brown (Feb 19)
- Re: Snort Alert [1:1000001:1] Jeremy Hoel (Feb 19)