Snort mailing list archives

Previous By Date Next
Previous By Thread Next

spp_portscan2 and 2.0.6

From: "Ron Shuck" <rshuck () Buchanan com>
Date: Tue, 23 Dec 2003 11:11:09 -0600
Hi All,

I just upgraded to 2.0.6 (yes I know 2.1 is out, but baby steps) on Red
Hat 9. I started noticing that the signature string changed for
portscans, it reads "spp\_portscan2". This breaks how ACID handles
portscans. I took a quick grep in the source, but didn't find anything.

Any ideas on how to fix this, or is it fixed it 2.1?

Thanks,
 
Ron Shuck, CISSP, GCIA, CCSE - Managing Consultant 
Buchanan Associates - A Technology Company in the People Business 


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: