Snort mailing list archives

Re: Question about Line in Logfile...

From: Chris Green <cmg () sourcefire com>
Date: Mon, 28 Jul 2003 12:17:16 -0400

Erek Adams <erek () snort org> writes:

07/23-00:18:28.945319  [**] [1:0:0] Test [**] [Priority: 0] {TCP}\
217.224.228.216:33137 -> 81.57.63.19:2234

[...]


Something's not right about that though, as there is no SID 0.  Do you
have sid-msg.map and gen-msg.map correctly installed?


That's the default behavior of a rule with no sid: or rev: option
-- 
Chris Green <cmg () sourcefire com>
Chicken's thinkin'


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Question about Line in Logfile... Thomas Bechtold (Jul 22)
- Re: Question about Line in Logfile... Erek Adams (Jul 24)
  - Re: Question about Line in Logfile... Chris Green (Jul 28)