Re: How to identify rules in ACID

["larc" <larc () pandora be>]

Hi,

To find the rule you can go to 
http://www.snort.org/cgi-bin/sigs-search.cgi
And enter the alert message that ACID gives. Then you will see the matching signature

Stefan D.
------------------------
 "Pieter Claassen" <pieter () pieterclaassen co uk> wrote:
------------------------
Here are a few quick ACID questions:
> 1. Does anybody know how to identify which rules triggered which alerts via
> ACID (or anything else for that matter)?
> 2. Is there a manual for ACID to explain how alert groups etc. work?
>
> Thanks,
> Pieter
> -----------------------------
> Pieter Claassen
> pieter () openauth co uk
> http://www.openauth.co.uk
>
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: To learn the basics of securing 
> your web site with SSL, click here to get a FREE TRIAL of a Thawte 
> Server Certificate: http://www.gothawte.com/rd524.html
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users