Snort mailing list archives
Re: ACID: more alerts than I asked for in acid_stat_uaddr... :)
From: Andreas Hasenack <andreas () conectiva com br>
Date: Sun, 24 Jun 2001 12:36:41 -0300
This is interesting. The behaviour I described only happens when using links as the browser (and it still happens today, with the CVS version). Using Mozilla, for example, or Netscape, it works as expected. Em Wed, Jun 20, 2001 at 01:37:01PM +0000, roman () danyliw com escreveu:
Bad GET arguments in a the hyperlink, I believe. Patched and commited. Let me know if this was the only instance of this issue. RomanACID from CVS (updated a few minutes ago) I'm in the "today's unique alerts" page. There I see an alert which has: Total: 1 # Sensors: 1 Src addr.: 1 Dst addr.: 1 First and last: the same date/time When I click on, say, "src addr", I get two alerts (the same signature), one from today, and another from another day (the day before, in my case). The same happens if I click on "Total", I get these two results instead of the one that happened today.
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID: more alerts than I asked for in acid_stat_uaddr... :) Andreas Hasenack (Jun 19)
- <Possible follow-ups>
- Re: ACID: more alerts than I asked for in acid_stat_uaddr... :) roman (Jun 20)
- Re: ACID: more alerts than I asked for in acid_stat_uaddr... :) Andreas Hasenack (Jun 24)
- Re: ACID: more alerts than I asked for in acid_stat_uaddr... :) roman (Jun 25)
- Re: ACID: more alerts than I asked for in acid_stat_uaddr... :) Andreas Hasenack (Jun 25)
- Re: ACID: more alerts than I asked for in acid_stat_uaddr... :) roman (Jun 25)
- Re: ACID: more alerts than I asked for in acid_stat_uaddr... :) Andreas Hasenack (Jun 25)