Snort mailing list archives
HP 3000 and decode issues
From: Robby Desmond <rdesmond () els ucsb edu>
Date: Tue, 12 Nov 2002 11:30:08 -0800
The (snort_decoder) fires off a lot of alerts on traffic coming from out of our HP3000 machine.
I diabled asn.1 decoding, but I'm still getting them.1) Anyone know why the HP fires these alerts like crazy? (crappy stack programming?)
2) What other decoding do I have to disable? Relevant stats: Snort 1.9 FreeBSD 4.4 MySQL 3.23ACID 09b21 (I know, one release behind, but there are certain time issues involved.)
-Robby Robert Desmond Systems Administrator UCSB Extended Learning Services 805-893-4906 -------------------------------------------------------This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd522.html
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- HP 3000 and decode issues Robby Desmond (Nov 12)
- Re: HP 3000 and decode issues Andrew R. Baker (Nov 12)
- Re: HP 3000 and decode issues Jeff Kell (Nov 12)
- Re: HP 3000 and decode issues Andrew R. Baker (Nov 12)