Snort: by date
RSS Feed
About List
All Lists
Previous period
2165 messages
starting Sep 30 03 and
ending Dec 31 03
Date index |
Thread index |
Author index
Tuesday, 30 September
snort dnis on modem tranceformer
Re: Can't build RPM using SRPM (snort-2.0.2-4) JP Vossen
Snort-MySQL problem Syed Zuhdi Syed Salim
Wednesday, 01 October
Re: Snort-MySQL problem Edin Dizdarevic
Re: Snort-MySQL problem Shawn Truax
Re: Single Snort instance with multipleconfigurations (output) Shawn Truax
Re: Snort-MySQL problem Edin Dizdarevic
RE: Snort 2.0.2 with MySQL PPowenski
flexresp2 not working in snort 2.0.2 Nerijus Krukauskas
problem in snort.. Reshmi Jain
Snort-MySQL problem Syed Zuhdi Syed Salim
[PATCH]: bad calculation of the amount of drop. Yoann Vandoorselaere
RE: Snort-MySQL problem CMartin
does snort must have its own ip address ? חואן
alert_unified only John Byrnes
Re: alert_unified only Chris Green
Re: does snort must have its own ip address ? Matt Kettler
Rob Flentge/Mechanicsburg/US/Exel is out of the office. Rob Flentge
What are the differences between and IPS and IDS? Chhabria, Kavita - Apogent
Re: What are the differences between and IPS and IDS? twig les
RE: SnortSnarf in Windows snort-ml
Re: What are the differences between and IPS and IDS? Matt Kettler
RE: Snort-MySQL problem Syed Zuhdi Syed Salim
Re: What are the differences between and IPS and IDS? Ravi Kumar
block connections in IPS Ravi Kumar
RE: What are the differences between and IPS and IDS? Michael Steele
Re: block connections in IPS Geoff
Thursday, 02 October
RE: block connections in IPS Michael Steele
Re: flexresp2 not working in snort 2.0.2 Jeff Nathan
Re: block connections in IPS Ravi Kumar
IPS best practice guide pieter claassen
SnortCenter Errors with Byte_Test? Robert Craig
Re: problem in snort.. scott j. lopez
Byte_test SnortCenter Troubles?!? Rob Craig
UPnP Lopez, Frank
alert_unixsock William Morris
Snort rules merging and duplicate entries (3D Linked List) Jukka Juslin
RE: Snort-MySQL problem CMartin
RE: SnortSnarf in Windows snort-ml
How does snort do packet signature detection? Chhabria, Kavita - Apogent
Re: block connections in IPS Geoff
RE: block connections in IPS] Geoff
Re: How does snort do packet signature detection? Matt Kettler
Re: How does snort do packet signature detection? james
Re: block connections in IPS] Jeff Nathan
RE: SnortSnarf in Windows snort-ml
Re: Snort rules merging and duplicate entries (3D Linked List) scheidell
Is there a separate mailing list for snortcenter related question s? Chhabria, Kavita - Apogent
How do you start and stop a sensor from snortcenter management co nsole? Chhabria, Kavita - Apogent
on windows RAGUNATHAN, SOUMYA
RE: on windows Michael Steele
Blocking attacking IP address for some time using Snort and PIX kanwal jeet
Re: Blocking attacking IP address for some time using Snort and PIX kanwal jeet
RE: How does snort do packet signature detection? Matt Kettler
Re: Blocking attacking IP address for some time using Snort and PIX Matt Kettler
mysql.sock Chris Feldmann
Re: block connections in IPS Ravi Kumar
Problem during snort-mysql installation. rajeswaran mugesh
Snort on windows pmahesh90979
Re: mysql.sock Erek Adams
Friday, 03 October
RE: mysql.sock PPowenski
RE: Snort on windows Michael Steele
Re: Snort on windows Matt Kettler
RE: SnortSnarf in Windows snort-ml
Re: block connections in IPS Matt Kettler
Snort/MYSQL Error Haamid, Abdul Qaadir
RE: mysql.sock Erek Adams
Re: mysql.sock Chris Feldmann
Trigger of multiple rules Denny Page
RE: SnortSnarf in Windows Michael Steele
Saturday, 04 October
Logging to database and not to log directory bluerain () pandora be
Wipe out Snort database Egal A Egal - SA
Re: mysql.sock MH
which book on snort ? peter pilsl
Re: Wipe out Snort database Paul Schmehl
Re: Logging to database and not to log directory Gnik
RE: How does snort do packet signature detection? Hernan Bugallo
Re: What are the differences between and IPS and IDS? Ganu Skop
SRI patent on "Hierarchical event monitoring and analysis" Richard Bejtlich
Re: which book on snort ? Rudi Starcevic
Re: Blocking attacking IP address for some time using Snort and PIX Frank Knobbe
QUASHING thread: SRI patent on "Hierarchical event monitoring and analysis" Jeff Nathan
Sunday, 05 October
RE: SnortSnarf in Windows snort-ml
Re: alert_unified only Erek Adams
RE: SnortSnarf in Windows Michael Steele
Snort Rules jbendure
Re: Snort Rules Irwan Hadi
Re: SRI patent on "Hierarchical event monitoring and analysis" Rich Adamson
snort books Chris Feldmann
Data_payload logging in database is truncated Niko
Installation problem with snort. rajeswaran mugesh
Official Grand Opening of - WINSNORT.com Michael Steele
Monday, 06 October
Re: Installation problem with snort. Ravi Kumar
RE: Snort-MySQL problem Shawn Truax
Re: Installation problem with snort. Daniel Wittenberg
Ignored XXX Duplicate alerts Brei, Matt
Re: SRI patent on "Hierarchical event monitoring and analysis" Martin Roesch
Re: [Snort-sigs] ARP scan jon baer
problem with PerfMonitor sherif tawfic
difficulties in ALERT generation... santosh reddy
Synchronizing archive and live DBs John Creegan
Re: problem with PerfMonitor Edin Dizdarevic
Can we send email using Outlook as the smtp server with ACID? Chhabria, Kavita - Apogent
Re: Can we send email using Outlook as the smtp server with ACID? Demetri Mouratis
Snort Kernel Module Josh Berry
Snort fails to dump alerts to Solaris 8 Syslog Richard Pitkanen
Re: Snort Kernel Module Matt Kettler
Re: Snort Kernel Module Josh Berry
NIDS test steps twig les
Re: Snort Kernel Module pieter claassen
Re: Snort Kernel Module Mark Nipper
Re: Snort Kernel Module Josh Berry
Snort on RH 9 Updated documentation Patrick Harper
Re: Snort Kernel Module Jason Haar
Remote Syslog... Mike Koponick
Snort - ACID Displays NO data on IE fkseow
RE: Can we send email using Outlook as the smtp server with ACID? Michael Steele
Re: Snort Kernel Module Ravi Kumar
Remote Syslog... Mike Koponick
Snort.org packages with bad sigs? monroe
Brian Denicola/US/ABNAMRO/NL is out of the office. brian . denicola
Tuesday, 07 October
Re: Snort Kernel Module Dragos Ruiu
Re: Snort Kernel Module pieter claassen
Re:Snort installation problem rajeswaran mugesh
snort-inline question Harry Brueckner
Re: Snort Installation trouble. rajeswaran mugesh
Snort 2.0.2 payload corruption/Mix up. Patrik Astrom
Re: snort-inline question Harry Brueckner
Re: snort-inline question Guillaume Rix
Re: Snort fails to dump alerts to Solaris 8 Syslog Erek Adams
acid - barnyard - payload Jochen Vogel
Re: Remote Syslog... Erek Adams
Re: Snort-2.0.0 : ODBC : Unnable to Connect Rodrigo Lima de Oliveira
Snort service fails to start Michael
Snort 2.0.2 install location Derek Fairley
mysql-Problem Albert Einstein
|> Starting Snort service failed Michael
Re: snort-inline question seclists
Re: Snort 2.0.2 install location Erek Adams
RE: mysql-Problem PPowenski
Re: snort-inline question Harry Brueckner
Re: Snort.org packages with bad sigs? Daniel Wittenberg
RE: mysql-Problem risc
How to install oinkmaster-0.8? Snortty
Re: Snort 2.0.2 install location Patrick Harper
RE: mysql-Problem Daniel Wittenberg
RE: mysql-Problem Daniel Wittenberg
Re: How to install oinkmaster-0.8? Daniel Wittenberg
RE: How to install oinkmaster-0.8? Grime, Richard S
RE: mysql-Problem risc
RE: Snort service fails to start Gnik N.
RE: SnortSnarf in Windows snort-ml
Snort not talking to the sql server. Timmy Jones
Snort Implementation Adam Towarnyckyj
RE: SnortSnarf in Windows Michael Steele
Snort Compile Error: "Undefined referenence to uncompress" Infosec Account
Re: Snort Implementation Jeff Pricher
difficulties in alert generation santosh reddy
RE: SnortSnarf in Windows Everist, Benjamin S. (NASWI)
Re: difficulties in alert generation Nick Oliver
Strange Loopback Traffic Chad Gross - Loretel
RE: SnortSnarf in Windows Michael Steele
RE: SnortSnarf in Windows Michael Steele
Notes on Sourcefire seminar Richard Bejtlich
Re: difficulties in alert generation risc
RE: SnortSnarf in Windows Michael Steele
Re: Strange Loopback Traffic Frank Knobbe
Wednesday, 08 October
Re[2]: Strange Loopback Traffic Jyri Hovila
snort + cisco 4x00 catalysts Paulo Filipe Mira
AW: acid - barnyard - payload Jochen Vogel
Re: Snort Compile Error: "Undefined referenence to uncompress" Infosec Account
libmysqlclient: undefined reference to `uncompress' Michael casale
Information Not Appearing On ACID Console Kaplan, Andrew H.
Re: Information Not Appearing On ACID Console Valter Santos
Barnyard John Creegan
Barnyard John Creegan
Barnyard John Creegan
Help with barnyard. Chhabria, Kavita - Apogent
Re: Help with barnyard. Andrew R. Baker
RE: Information Not Appearing On ACID Console Kaplan, Andrew H.
Barnyard John Creegan
sguil and barnyard errors Kerry Cox
how to e-mail alerts from acid page santosh reddy
Re: snort + cisco 4x00 catalysts twig les
Re: sguil and barnyard errors Bamm Visscher
Re: Barnyard Jeff Nathan
Unknown Datagram decoding problem! CGhercoias
Re: Barnyard Jeff Nathan
SNORT 2.0.0 :: ODBC :: FREETDS :: SQL SERVER Rodrigo Lima de Oliveira
monitoring pflog0 on obsd Shawn Posthumus
Re: monitoring pflog0 on obsd Mark Nipper
Local Whois doesn't work in ACID. Juan M. Rivera
RE: how to e-mail alerts from acid page Schmehl, Paul L
(no subject) Kristian Schling
Re: monitoring pflog0 on obsd MH
Re: monitoring pflog0 on obsd Mark Nipper
Re: monitoring pflog0 on obsd MH
Re: monitoring pflog0 on obsd Shawn Posthumus
I need sensor volunteers Brad dev account
Thursday, 09 October
ICMP / drop. Rudi Starcevic
Re: ICMP / drop. Ralf Spenneberg
Re: ICMP / drop. Rudi Starcevic
Re: (no subject) Ralf Spenneberg
RE: Information Not Appearing On ACID Console Ralf Spenneberg
Re: ICMP / drop. Edin Dizdarevic
Re: ICMP / drop. Rudi Starcevic
Re: ICMP / drop. Edin Dizdarevic
Snort on Windows : system error 1067 thelastcowboy
AW: acid - barnyard - payload Jochen Vogel
Rule to exclude a specific IP in Snort Juan M. Rivera
RE: Rule to exclude a specific IP in Snort Hutchinson, Andrew
EXTERNAL_NET definition in Snort Jukka Juslin
RE: Rule to exclude a specific IP in Snort Grime, Richard S
RE: Rule to exclude a specific IP in Snort Jason
Re: Rule to exclude a specific IP in Snort Chris Green
Re: EXTERNAL_NET definition in Snort Erek Adams
RE: Barnyard Steven Rudolph
RE: Rule to exclude a specific IP in Snort Juan M. Rivera
RE: EXTERNAL_NET definition in Snort Grime, Richard S
Re: Barnyard John Creegan
Re: Rule to exclude a specific IP in Snort Chris Green
Very few Snort alerts mailinglist
Rob Flentge/Mechanicsburg/US/Exel is out of the office. Rob Flentge
snort reports in english tempus
Re:Barnyard John Creegan
Naming the Sensors in a multiple interface sensor James Hunter
Why does log_acid_db not work? Chhabria, Kavita - Apogent
Skype rule Marc Quibell
Snort Setup Scenario - Suggestions Naman Latif
Sample config Igor Kotlovskiy
Naming the Sensors in a multiple interface sensor Marc Quibell
Re: Re:Barnyard Jeff Nathan
Re: Naming the Sensors in a multiple interface sensor Erek Adams
Re: Naming the Sensors in a multiple interface sensor James Hunter
Re: SNORT 2.0.0 :: ODBC :: FREETDS :: SQL SERVER Secureplay
Mac Adresses in Acid Screens Juan M. Rivera
Re: Snort Setup Scenario - Suggestions Josh Berry
RE: Snort Setup Scenario - Suggestions Naman Latif
RE: Snort on Windows : system error 1067 Michael Steele
RE: Snort Setup Scenario - Suggestions Josh Berry
Announcement: Visual Intrusion Analyzer (Beta Release) Eric Knight
How to get an answer to your question(s) Erek Adams
Friday, 10 October
Snort + Apache modules. Rudi Starcevic
Re: Mac Adresses in Acid Screens Demetri Mouratis
Strange Loopback traffic Scott Weller
snort 2.0 architecture Angelo . Fabiano
Re:Barnyard John Creegan
Re: How to get an answer to your question(s) David Alonso De La Vega Tapage
Re: Mac Adresses in Acid Screens Milo Velimirovic
RE: Mac Adresses in Acid Screens Schmehl, Paul L
Re: Mac Adresses in Acid Screens Jeff Nathan
Re: Re:Barnyard Jeff Nathan
RE: SnortSnarf in Windows snort-ml
error starting snort!! yoki tyas
Problem with web-iis rules Yan Zhai
RE: Mac Adresses in Acid Screens Demetri Mouratis
Snort-2.0.2-5.src.rpm bad MD5 digest Harry Hoffman
Re: Mac Adresses in Acid Screens Stephen W. Thompson
Re: Snort-2.0.2-5.src.rpm bad MD5 digest Daniel Wittenberg
Re:Barnyard Marc Quibell
Re: Re[2]: Strange Loopback Traffic Frank Knobbe
Re: error starting snort!! Matt Kettler
RE: Problem with web-iis rules snort-ml
Alerts or log files, which is better? John Creegan
Re: Problem with web-iis rules Matt Kettler
Re: Problem with web-iis rules Erek Adams
Re: error starting snort!! Erek Adams
Re: Problem with web-iis rules Josh Berry
RE: Mac Adresses in Acid Screens Schmehl, Paul L
Re: Problem with web-iis rules Josh Berry
Testing My Snort DIDS Aaron Babalola
Re: How to get an answer to your question(s) JP Vossen
Re: Testing My Snort DIDS twig les
Re: Announcement: Visual Intrusion Analyzer (Beta Release) Scot Scot
RE: Announcement: Visual Intrusion Analyzer (Beta Release) LE
RE: Announcement: Visual Intrusion Analyzer (Beta Release) Michael Steele
RE: Announcement: Visual Intrusion Analyzer (Beta Release) dave kleiman
Saturday, 11 October
Visual Intrusion Analyzer Bugs, feedback, and a little background. Eric Knight
Data_payload logging in database is truncated Niko
Re: Visual Intrusion Analyzer Bugs, feedback, and a little background. Jeff Nathan
Re: Problem with web-iis rules Yan Zhai
RE: Problem with web-iis rules Yan Zhai
Re: Visual Intrusion Analyzer Bugs, feedback, and a little background. Eric Knight
ADSL and SNORT GRL
Sunday, 12 October
Same config, FreeBSD vs OpenBSD, WAY different results Jim Brown
Re: Same config, FreeBSD vs OpenBSD, WAY different results twig les
Re: Same config, FreeBSD vs OpenBSD, WAY different results Erek Adams
Not Picking up Much WHY "I am pulling out my hair" Elijah Savage
Re: Not Picking up Much WHY "I am pulling out my hair" Patrick Harper
Re: Same config, FreeBSD vs OpenBSD, WAY different results Jim Brown
RE: Same config, FreeBSD vs OpenBSD, WAY different results Michael Steele
Re: Same config, FreeBSD vs OpenBSD, WAY different results Stephen W. Thompson
Monday, 13 October
AW: acid - barnyard - payload Jochen Vogel
Eric Van den Bossche is out of the office. Eric Van den Bossche
RE: snort + cisco 4x00 catalysts Paulo Filipe Mira
RE: Not Picking up Much WHY "I am pulling out myhair" Elijah Savage
Re: ADSL and SNORT Matt Kettler
Re: Same config, FreeBSD vs OpenBSD, WAY different results scheidell
Re: Same config, FreeBSD vs OpenBSD, WAY different results Marc Quibell
RE: Not Picking up Much WHY "I am pulling out myhair" esavage
RE: Visual Intrusion Analyzer Bugs, feedback, and a little background. adam.w.hogan
Snortcenter Shawn Cannon
Re: Same config, FreeBSD vs OpenBSD, WAY different results Josh Berry
Re: Snortcenter Roberto Bosticardo
snort on linux and acid on windows ravath k
Snort rule for AIM fire transfers? Michael Janke
RE: Snort-MySQL problem Shawn Truax
RE: Problem with web-iis rules Alex Alborzfard
RE: Not Picking up Much WHY "I am pulling out myhair" esavage
Shadow/Snort IDS version 3.2 with ACID Guy Bruneau
RE: Not Picking up Much WHY "I am pulling out myhair" John Creegan
Bug in 2.02 found getting this SMB rule to work Jason Haar
Re: Same config, FreeBSD vs OpenBSD, WAY different results Jim Brown
Changing Alert Order Thiago Mello
RE: Not Picking up Much WHY "I am pulling outmyhair" Elijah Savage
RE: snort on linux and acid on windows Michael Steele
Tuesday, 14 October
VIA and suggestions... Eric Knight
Snort / Barnyard error. Rudi Starcevic
AW: Snort / Barnyard error. Jochen Vogel
AW: Snort / Barnyard error. Jochen Vogel
winsnort : how to update rules ? thelastcowboy
Re: AW: Snort / Barnyard error. Rudi Starcevic
Re: Snort / Barnyard error. Bamm Visscher
snortinline doesn´t log payload Jochen Vogel
Re: Same config, FreeBSD vs OpenBSD, WAY different results Marc Quibell
Snort Logs Martin Jr., D. Michael
Flushing the data from the MySQL database Kaplan, Andrew H.
RE: Flushing the data from the MySQL database Schmehl, Paul L
Re: Flushing the data from the MySQL database Josh Berry
RE: Flushing the data from the MySQL database Michael Parkinson
Recognize this? JJ
RE: Flushing the data from the MySQL database Josh Berry
tippingpoint Kerry Cox
Re: Recognize this? James Nonya
RE: Rule to exclude a specific IP in Snort Juan M. Rivera
Re: tippingpoint Sean Perry
Re: Recognize this? JJ
RE: tippingpoint Rich Stryker
RE: Snort Logs Martin Jr., D. Michael
RE: tippingpoint Geoff
Re: tippingpoint Josh Berry
Re: tippingpoint Josh Berry
byte_test and Snortcenter John Hally
Re: RE: Snort Logs Nick Oliver
Time and Date off Elijah Savage
snortsnarf grant
Re: Time and Date off John Creegan
Re: t(r)ippingpoint? Jason
RE: Time and Date off Elijah Savage
Re: t(r)ippingpoint? Josh Berry
RE: SnortSnarf Michael Steele
Non-content matching. OTN before RTN? Jaykumar Gosar
Wednesday, 15 October
Barnyard HTML output error Rudi Starcevic
NIDS Packet Capture Problem Shishir Tejpal
(no subject) Dave . Hartley
How can i see the payload of extra-packet captured by tag option ???? m.massarenti () cineca it
NIDS Packet Capture Problem Shishir Tejpal
Re: Re: [Snort-devel] IDS vs IPS Dragos Ruiu
RE: snort on linux and acid on windows Zach Forsyth
RE: NIDS Packet Capture Problem Gordon Cunningham
Home nets and pruning my alerts ccidsh-snort . org
RE: tippingpoint Brian Laing
Using Snort as IDS + packet logger Damiano Bolzoni
Re: tippingpoint Jeff Nathan
RE: SCAN UPnP service discover attempt Schmehl, Paul L
SCAN UPnP service discover attempt Martin Jr., D. Michael
Don't report and rules retrieval Martin Jr., D. Michael
Re: Don't report and rules retrieval Jeff Pricher
RE: Using Snort as IDS + packet logger Richard Bejtlich
Thursday, 16 October
Re: Using Snort as IDS + packet logger Scot Scot
alert_unixsock Nic¤
Rule for MS03-046 ? Muenz, Michael
FW: Rule to exclude a specific IP in Snort grant
RE: Using Snort as IDS + packet logger grant
Windows Event Log & alert.ids grant
Can't Start Snort - ERROR: No netmask specified for home network! Ross Bram
RE: SCAN UPnP service discover attempt Philip Davidson
RE: byte_test and Snortcenter snort
where I configure my rules ? חואן
RE: tippingpoint Rich Stryker
Monitor multiple VLANs Martin Jr., D. Michael
Re: Monitor multiple VLANs Chris Green
RE: Monitor multiple VLANs Jake Seitz
RE: Monitor multiple VLANs Martin Jr., D. Michael
RE: tippingpoint Marc Quibell
RE: Monitor multiple VLANs Gordon Cunningham
RE: Monitor multiple VLANs Jeremy Junginger
RE: Monitor multiple VLANs Douglas McCrea
quick question Pari Sahai
send scan.log to remote Log-Host Thomas Bechtold
RE: quick question kanwal
Windows Event Log & alert.ids grant
RE: Snort -> Mysql formatting IP addresses Jacob Roberts
Snort Startup Erro - "libmysqlclient.so.12 not found" O'Flynn, Derek
Can Snort do this? Sheahan, Paul
RE: Snort -> Mysql formatting IP addresses Nelson, Ben
RE: Monitor multiple VLANs Martin Jr., D. Michael
Snort -> Mysql formatting IP addresses FWAdmin
RE: Snort -> Mysql formatting IP addresses Nelson, Ben
RE: tippingpoint Gross Barry D.
QUASHING THREAD: Re: tippingpoint Jeff Nathan
Re: Snort-users digest, Vol 1 #3643 - 11 msgs Marc Quibell
RE: Snort -> Mysql formatting IP addresses Dusty Hall
RE: Snort -> Mysql formatting IP addresses Hutchinson, Andrew
Snort Success!!! grant
SnortSnarf Martin Jr., D. Michael
Re: Windows Event Log & alert.ids Scot Scot
Re: FW: Rule to exclude a specific IP in Snort Erek Adams
RE: Windows Event Log & alert.ids grant
RE: SnortSnarf grant
Re: alert_unixsock Erek Adams
RE: SnortSnarf Martin Jr., D. Michael
RE: SnortSnarf grant
Re: where I configure my rules ? Erek Adams
RE: SnortSnarf Michael Steele
Re: Can Snort do this? Erek Adams
Re: Snort Startup Erro - "libmysqlclient.so.12 not found" Erek Adams
RE: Snort Startup Erro - "libmysqlclient.so.12 not found" O'Flynn, Derek
Re: alert_unixsock Frank Knobbe
Re: tippingpoint] Geoff
What is snort doing to the packets Steve Bagwell
Friday, 17 October
Re: tippingpoint] John Sage
Re: where I configure my rules ? John Sage
Re: What is snort doing to the packets John Sage
RE: Snort Logs grant
snort.conf file.. f z
No portscan alerts shown in acid. Peters, Michael D.
Snort and SSL Sheahan, Paul
Re: tippingpoint] Frank Knobbe
What is snort doing to the packets Bagwell, Steve
sid:663; rev:6 false alerts/bug Michael Sierchio
What is snort doing to the packets Bagwell, Steve
RE: Snort -> Mysql formatting IP addresses Steve Halligan
Re: Can Snort do this? guillaume.rix
Re: tippingpoint] Michael Sierchio
Re: Can Snort do this? Guillaume . Rix
Re: snort.conf file.. Matt Kettler
Re: tippingpoint]] Geoff
[Fwd: Re: tippingpoint] Geoff
Re: tippingpoint] Geoff
Re: [Fwd: Re: tippingpoint] Josh Berry
RE: [Fwd: Re: tippingpoint] Bob Walder
New to Snort wallenpb
Re: [Fwd: Re: tippingpoint] Geoff
Testing tools Alan Holmes
Re: tippingpoint] Gary Flynn
Re: Snort and SSL Rudi Starcevic
Re: [Fwd: Re: tippingpoint] Gary Flynn
Saturday, 18 October
RE: SnortSnarf grant
SnortCenter Sensor failed to start samwun
fatal error חואן
how can one tell if snort works חואן
w ant to use Mrtg with snort חואן
Re: Windows Event Log & alert.ids Scot Scot
Re: Testing tools Demetri Mouratis
Re: fatal error Josh Berry
Re: No portscan alerts shown in acid. John Creegan
Sunday, 19 October
problem with snortcenter samwun
Re: how can one tell if snort works Josh Berry
[Snort-Users] Patching Snort with SnortSAM Daniél Haslinger
Re: problem with snortcenter Irwan Hadi
Missing of application/data link layer capture. samwun
script to extract payload info from mysql snort table samwun
Compilation of Snort 2.0.2 in debug mode fails Mark Cooper (HP)
Re: how can one tell if snort works Nick Oliver
No External Hits/Proxy Server Required? Tim Rohrer
error in running SnortSnarf samwun
Re: Compilation of Snort 2.0.2 in debug mode fails Chris Reid
L7 protocol analysis and snort ramesh neelmegh
Re: tippingpoint] John Sage
Re: [Snort-Users] Patching Snort with SnortSAM Frank Knobbe
Monday, 20 October
FW: tippingpoint] Geoff Poer
Spade plugin Alexey Kuzmenko
RE: Testing tools Matt Foster
Spade logs Alexey Kuzmenko
Compilation of Snort 2.0.2 in debug mode fails Mark Cooper
Compilation of Snort 2.0.2 in debug mode fails Mark Cooper
snort and mysql socket error Dr. EDV
Re: snort and mysql socket error John Creegan
Span Port to Fiber Tap Problems Dusty Hall
RE: Span Port to Fiber Tap Problems larosa, vjay
Re: Rule to exclude a specific IP in Snort Nordwall, Douglas J
where is see snort logs ? חואן
Re: where is see snort logs ? Matt Kettler
Re: Can Snort do this? Chris Green
Updated snort.server script Jeff Nathan
how to log payload data to MySQL and /var/log/snort/ Sam Wun
Tuesday, 21 October
Snort Rules Martin Jr., D. Michael
Newbie Question - Snort on Windows Joan L. Ackerman
Managed Snort/IDS? Ryan Finnesey
SNMP Support in FreeBSD Keith Long
Re: Snort Rules Matt Kettler
RE: Managed Snort/IDS? Gordon Cunningham
Re: Newbie Question - Snort on Windows Matt Kettler
Re: SNMP Support in FreeBSD Michael Sierchio
SNMP Support in FreeBSD Keith Long
RE: SNMP Support in FreeBSD Keith Long
snort + freebsd tuning John
RE: Managed Snort/IDS? TPanaitescu
Re: snort + freebsd tuning Michael Sierchio
Re: SNMP Support in FreeBSD Michael Sierchio
Re: SNMP Support in FreeBSD Michael Sierchio
RE: SNMP Support in FreeBSD Keith Long
Wednesday, 22 October
Lots of outgoing portscans Richard Gaywood
Re: Lots of outgoing portscans Richard Gaywood
RE: SNMP Support in FreeBSD Keith Long
Re: SNMP Support in FreeBSD Chris Green
how to populate snort payload data to MySQL? samwun
Re: Lots of outgoing portscans Matt Kettler
MS03-043 Jeremy Junginger
Same alerts generation hlima
Problem: Unknown ClassType Cluett, Russell
RE: how to populate snort payload data to MySQL? samwun
RE: how to populate snort payload data to MySQL? samwun
Re: Problem: Unknown ClassType Jeffrey Pricher
New rules keyword error Marc Quibell
Re: Content of Snort-users digest, Vol 1 #3660 Jay Moloo
(no subject) Cluett, Russell
RE: how to populate snort payload data to MySQL? Jeff Dell
Program that reads unified log format natively Ben Nelson
how to convert payload data from MySQL data table to tcpdump formated data? samwun
NETBIOS nimda.eml Paul Lane
RE: Problem: Unknown ClassType Schmehl, Paul L
FW: [Snort-devel] New code (and building) [continued... ] Kreimendahl, Chad J
RE: SNMP Support in FreeBSD twig les
RE: SNMP Support in FreeBSD Erek Adams
snort and sflow? shanks
Re: how to convert payload data from MySQL data table to tcpdump formated data? Erek Adams
Snort with Mysql Xiaoxu Huang
Re: NETBIOS nimda.eml Erek Adams
Re: snort and sflow? Erek Adams
Re: New rules keyword error Erek Adams
Re: alert_unixsock Erek Adams
Re: New rules keyword error Marc Quibell
Re: New rules keyword error Erek Adams
Re: Snort with Mysql Erek Adams
Re: NETBIOS nimda.eml Jason Haar
Re: New rules keyword error Marc Quibell
Alerts timestamp Ramon Barquier
Re: snort and sflow? shanks
snort ids dfd f z
RE: snort and sflow? Kim Wall
Thursday, 23 October
snort ids dfd f z
Re: how to populate snort payload data to MySQL? Kenneth G. Arnold
snort IDS DFD f z
Re: Snort Success!!! Shawn Truax
Re: snort IDS DFD Shawn Truax
RE: SNMP Support in FreeBSD Martin Olsson
Re: problem with snortcenter Shawn Truax
Re: Span Port to Fiber Tap Problems Shawn Truax
Re: how to convert payload data from MySQL data table to tcpdump formated data? Sam Wun
RE: Span Port to Fiber Tap Problems larosa, vjay
Fwd: Troubles With Multiple Sensors Tim Rohrer
Re: New rules keyword error Marc Quibell
Re: New rules keyword error John Creegan
RE: how to convert payload data from MySQL data table to tcpdump formated data? samwun
RE: how to convert payload data from MySQL data table to tcpdump formated data? Jeff Dell
Re: how to convert payload data from MySQL data table to tcpdump formated data? Martin Olsson
RE: how to populate snort payload data to MySQL? Kenneth G. Arnold
Re: New rules keyword error Andreas Östling
Re: New rules keyword error Frank Knobbe
Re: New rules keyword error John Creegan
RE: Span Port to Fiber Tap Problems Dusty Hall
RE: how to convert payload data from MySQL data table to tcpdump formated data? samwun
RE: how to convert payload data from MySQL data table to tcpdump formated data? samwun
Compiling Snort Statically Josh Berry
Distributed tcpdump output log file from snort. sam
Friday, 24 October
Re: SNMP Support in FreeBSD Alexey Kuzmenko
Troubles With Multiple Sensors Tim Rohrer
Snort on PPP Adapter / Win32 Fernsebner Christian
Re: New rules keyword error Jason Haar
Re: Troubles With Multiple Sensors Shawn Truax
rules with flow:established not working Ed Callahan
no payload on ppp0 Jochen Vogel
Re: New rules keyword error Chris Green
Re: Parameters of Computer with 1G or 2x1G Ethenet NIC Philip Nedev
RE: SNMP Support in FreeBSD Keith Long
Re: how to convert payload data from MySQL data table to tcpdump formated data? Martin Olsson
AW: Program that reads unified log format natively Jochen Vogel
snort tcpdump binary file mirroing over network. samwun
RE: Program that reads unified log format natively Williams Jon
Re: New rules keyword error Marc Quibell
Re: New rules keyword error Marc Quibell
Re: SNMP Support in FreeBSD Michael Sierchio
How to get an answer to your question(s) Jeff Nathan
Windows Snort Users Martin Jr., D. Michael
Re: New rules keyword error Jeff Nathan
Re: How to get an answer to your question(s) Matt Kettler
Re: New rules keyword error Marc Quibell
Re: Troubles With Multiple Sensors Erek Adams
Re: rules with flow:established not working Erek Adams
Re: Troubles With Multiple Sensors Erek Adams
Re: snort tcpdump binary file mirroing over network. Erek Adams
RE: Program that reads unified log format natively Erek Adams
Re: no payload on ppp0 Erek Adams
Re: How to get an answer to your question(s) Erek Adams
RE: rules with flow:established not working Ed Callahan
Re: snort tcpdump binary file mirroing over network. Chris Green
Re: New rules keyword error Chris Green
RE: rules with flow:established not working Erek Adams
RE: rules with flow:established not working Ed Callahan
RE: rules with flow:established not working Schmehl, Paul L
Is it really a HUB? Petriz, Pablo
Re: Is it really a HUB? Craig Paterson
snort DB error.... f z
RE: snort tcpdump binary file mirroing over network. samwun
flow:established not working Ed Callahan
RE: rules with flow:established not working Ed Callahan
RE: rules with flow:established not working Erek Adams
interesting observation on snort logging! Anyone else.. hallian hallian
Same alerts Henrique Lima
Request: New sections in snort-sid-template.txt Martin Olsson
Saturday, 25 October
Same alerts generation hlima
Re: snort DB error.... Ralf Spenneberg
AW: no payload on ppp0 Jo
RE: snort tcpdump binary file mirroing overnetwork. Shawn Truax
Re: AW: no payload on ppp0 Shawn Truax
Re: Span Port to Fiber Tap Problems Jeff Nathan
Re: Program that reads unified log format natively Bamm Visscher
Redundant alerts in ACID ramesh naidu
Problem with MSSQL and ACID ramesh naidu
demarc/puresecure plugins? Ernie Lim
RE: MS03-043 Adams, Samuel (contractor)
Re: Troubles With Multiple Sensors Tim Rohrer
perfmonitor Erwin Van de Velde
Snort on Windows - Help Rajneel.Dhotre
RE: SNMP Support in FreeBSD Keith Long
RE: rules with flow:established not working Ed Callahan
Re: Is it really a HUB? Jason Haar
Re: snort tcpdump binary file mirroing over network. Jason Haar
Re: Program that reads unified log format natively Chris Green
Re: Is it really a HUB? Rich Adamson
Re: New rules keyword error Jeff Nathan
RE: Snort on Windows - Help Michael Steele
RE: rules with flow:established not working Paul Schmehl
compiling snort on windows aditya kilaru
Dropping packets why? Elijah Savage
Re: snort tcpdump binary file mirroing overnetwork. Michael Sierchio
RE: Windows Snort Users Michael Steele
snort rules.... f z
Re: snort rules.... Shawn Truax
problem.... f z
Sunday, 26 October
Unknown datagram decoding problem Secureplay
Re: perfmonitor Edin Dizdarevic
AW: AW: no payload on ppp0 Jo
Is this an attack in the making? Michael Esposito
OT: Spam Mail on List? Tim Rohrer
RE: OT: Spam Mail on List? Edwin Beekman
Monday, 27 October
AW: AW: no payload on ppp0 Jochen Vogel
Re: OT: Spam Mail on List? snort
Re: OT: Spam Mail on List? Daniél Haslinger
Re: OT: Spam Mail on List? Tim Rohrer
RE: OT: Spam Mail on List? LE
Re: Is it really a HUB? Mike Cojocea
ACID alternative? Peters, Michael D.
Re: ACID alternative? Bamm Visscher
Release of Snort Management Reports pieter claassen
Re: ACID alternative? jon baer
Re: ACID alternative? John Creegan
RE: OT: Spam Mail on List? Schmehl, Paul L
RE: OT: Spam Mail on List? Marc Quibell
Snort technical reviewers wanted Kerry Cox
RE: OT: Spam Mail on List? Ernie Lim
RE: OT: Spam Mail on List? Schmehl, Paul L
Datagrams decoding problems Alexey Kuzmenko
Re: Is this an attack in the making? Matt Kettler
Re: OT: Spam Mail on List? Jeff Nathan
Re: Dropping packets why? Matt Kettler
Re: Dropping packets why? Edin Dizdarevic
RE: Dropping packets why? O'Flynn, Derek
Re: OT: Spam Mail on List? Jeff Nathan
Re: Datagrams decoding problems Chris Green
Re: OT: Spam Mail on List? Chris Green
Re: OT: Spam Mail on List? Chris Green
RE: snort DB error.... Bright, Mark IT2
RE: OT: Spam Mail on List? SRH-Lists
Re: Dropping packets why? Michael Sierchio
Re: OT: Spam Mail on List? Marc Quibell
Re: OT: Spam Mail on List? Chris Green
copious (snort_decoder) WARNING: Not IPv4 datagram! Ernie Lim
RE: Dropping packets why? Elijah Savage
RE: Dropping packets why? Elijah Savage
Re: OT: Spam Mail on List? Tim Rohrer
Re: Is it really a HUB? Kristofer T. Karas
RE: Dropping packets why? Matt Kettler
RE: Dropping packets why? Paul Schmehl
Re: ACID alternative? Josh Berry
Re: [TCP and 53] Geoff
RE: copious (snort_decoder) WARNING: Not IPv4 datagram! Ernie Lim
Re: Acid + Snort integration cc
RE: Dropping packets why? Elijah Savage
RE: Dropping packets why? Elijah Savage
snort and mysql cc
Re: copious (snort_decoder) WARNING: Not IPv4 datagram! Geoff
Snort Sensor RAJNEEL DHOTRE
Patch submission Secureplay
Tuesday, 28 October
Re[2]: Datagrams decoding problems Alexey Kuzmenko
Traffic flow RAJNEEL DHOTRE
Problems with the ordering inside the rules Sergio Talens-Oliag
Please help!! hlima
strange port scan activity to tcp 18xxx? Vincent Chen
Snort technical reviewers wanted Kerry Cox
Re: ACID alternative Sleepy
Re: snort + freebsd tuning Nigel Houghton
ACID Email alerts Krueger, Brian
Re: New rules keyword error Josh Berry
Snort with Mysql Xiaoxu Huang
demarc/puresecure plugins? Ernie Lim
Re: snort + freebsd tuning Nigel Houghton
RE: Managed Snort/IDS? Ryan Finnesey
Database logging question Bob Fudge
Announcement: Alert Verification for Snort Christopher Kruegel
Compiling Snort Statically Josh Berry
Re: Is it really a HUB? Marc Quibell
help required sharma krishna
Snort install error finding mysql.h Cluett, Russell
Re: Please help!! Thiago Mello
Snort+Kismet James R. Frisky
Re: Snort+Kismet Nordwall, Douglas J
technical reviewers Kerry Cox
Re: Snort install error finding mysql.h Perkins
Stealth sniffing and and bridging networks Watson, Ed
Snort MySQL logging error... Bright, Mark IT2
ICMP w/payload of 1472 zeroes Michael Sierchio
RE: Snort MySQL logging error... Jeff Dell
Snort 2.0.2 and Oracle DB Runion, Matthew D
ACID patch for portscan2??? Peters, Michael D.
Using snort for network stats? Michael Miller
Re: Using snort for network stats? James Nonya
RE: Using snort for network stats? Jeff Dell
Re: Using snort for network stats? Jeffrey Pricher
Re: Patch submission Chris Green
Stealth sniffing and and bridging networks Marc Quibell
RE: Using snort for network stats? DeBerry, Casey
RE: Using snort for network stats? Snort
New Blaster variant? Bryan Oser
Re: Is it really a HUB? Kristofer T. Karas
remote database logging Majwabu, Richard
read snort payload data? JOHN XAVIOR
(no subject) Bob Apthorpe
Re: Is it really a HUB? Marc Quibell
Re: New Blaster variant? Jim Brown
Re: ICMP w/payload of 1472 zeroes Mike Cojocea
errors in my postgresql logs after running snortdb-extra.gz Jason Truong
Re: ICMP w/payload of 1472 zeroes Michael Sierchio
Proposed Configuration Kaplan, Andrew H.
RE: New Blaster variant? Security Admin
Re: New Blaster variant? Jeff Kell
RE: Traffic flow RAJNEEL DHOTRE
Re: Is it really a HUB? Darryl Luff
Installation Problem Aryan D
snort as network surveillance tool gsrao
Wednesday, 29 October
Re: Installation Problem Aryan D
Rule files commented out with Oinkmaster hlima
RE: snort tcpdump binary file mirroing overnetwork. Donofrio, Lewis
Re: Installation Problem Ralf Spenneberg
Re: Installation Problem Aryan D
RE: snort tcpdump binary file mirroing overnetwork. Keith Long
Re: snort DB error.... Ralf Spenneberg
remote database logging Majwabu, Richard
RE: Is it really a HUB? Potts, Ross A.
Re: Rule files commented out with Oinkmaster Andreas Östling
Re: Snort 2.0.2 and Oracle DB Nerijus Krukauskas
ERROR: OpenPcap() FSM compilation failed: ?? James R. Frisky
Portscan log file consolidation. Peters, Michael D.
RE: Spam:Re: New Blaster variant? Bryan Oser
Nachi false positives Martin Jr., D. Michael
RE: Snort 2.0.2 and Oracle DB Majwabu, Richard
Excluding particular IP address ranges from scans Kaplan, Andrew H.
Re: Nachi false positives Mark Nipper
HTTP Packet Capture Jim VanEtten
Re: HTTP Packet Capture Mark Nipper
Re: Excluding particular IP address ranges from scans Ralf Spenneberg
Re: Portscan log file consolidation. Denny Page
Re: RE: BAD-TARFFIC Loopback traffic Frank Knobbe
RE: Excluding particular IP address ranges from sca ns Kaplan, Andrew H.
Problem to sniff 80, 110, 25 and 21 ports. giochi
Re: HTTP Packet Capture Matt Kettler
remote logging Majwabu, Richard
generic bpf_rules_file Kaplan, Andrew H.
Re: Problem to sniff 80, 110, 25 and 21 ports. Matt Kettler
Re: remote logging Matt Kettler
Re: Problem to sniff 80, 110, 25 and 21 ports. giochi
running oinkmaster - Error: unable to download..... Snortty
Re: Problem to sniff 80, 110, 25 and 21 ports. Mike Cojocea
Re: Re: ACID alternative Michael Scheidell
Re: Is it really a HUB? Kristofer T. Karas
Problem to sniff 80, 110, 25 and 21 ports. giochi
RE: HTTP Packet Capture O'Flynn, Derek
RE: Problem to sniff 80, 110, 25 and 21 ports. O'Flynn, Derek
Preprocessor2 Mike Koponick
Format of Snort logs? Daniel Bartlett
Format of Snort logs? Daniel Bartlett
Re: Program that reads unified log format natively Ben Nelson
Re: Preprocessor2 Matt Kettler
RPM config dvid johnson
Re: RPM config Matt Kettler
Re: running oinkmaster - Error: unable to download..... Paul Schmehl
Re: Nachi false positives Paul Schmehl
Re: RPM config Daniel Wittenberg
Thursday, 30 October
Re: running oinkmaster - Error: unable to download..... Andreas Östling
Hot to see how many packets my snort is droping Philip Nedev
Installation of Snort Sensor edmund . li
Re: Hot to see how many packets my snort is droping Mark Nipper
Installation Problem Aryan D
Re: running oinkmaster - Error: unable to download..... Snortty
ids + umts Roberto Bosticardo
/etc/passwd request increase Sheahan, Paul
Re: running oinkmaster - Error: unable to download..... Snortty
perl script for snort keith greenhill
RPM config JOHNSON DAVID R
Snort Alerting Question ACiD
FW: generic bpf_rules_file Kaplan, Andrew H.
SANS Honeypot Webcast with Lance Spitzner Security Admin
CanSecWest/core04 Call For Papers Dragos Ruiu
Rogue DHCP servers Martin Jr., D. Michael
RE: Nachi false positives Martin Jr., D. Michael
RE: Rogue DHCP servers Kaplan, Andrew H.
sguil-0.3.0 Released Bamm Visscher
ACID Email alerts Krueger, Brian
RE: Rogue DHCP servers Martin Jr., D. Michael
Re: Rogue DHCP servers Jason Haar
Snort-supported link-layer types Michael L. Artz
Failed Snort Installation Stiles, Eric
unsubscribe Marty Hauser
RE: running oinkmaster - Error: unable to download..... Schmehl, Paul L
Re: Snort-supported link-layer types Jamie Dahl
Installation Problem Aryan D
Friday, 31 October
RE: Rogue DHCP servers Kaplan, Andrew H.
RE: ACID Email alerts Peters, Michael D.
RE: Rogue DHCP servers Martin Jr., D. Michael
Re: Rogue DHCP servers Bennett Todd
RE: Rogue DHCP servers Gilbert Mendoza
RE: Rogue DHCP servers Gilbert Mendoza
help required sharma krishna
Re: ICMP w/payload of 1472 zeroes Michael Sierchio
Re: Rogue DHCP servers Jon Hart
Unable to open rules file: reference.config or ./reference.config Fatal Error, Quitting.. David Durocher
Snort log format? Daniel Bartlett
RE: running oinkmaster - Error: unable to download..... Snortty
RE: Unable to open rules file: reference.config or ./reference.config Fatal Error, Quitting.. Michael Steele
Re: Snort log format? Frank Knobbe
anyone have a good Swen sig Philip Davidson
Error making config file for PHP --with-mssql swith Majwabu, Richard
RE: ACID Email alerts Schmehl, Paul L
Snort Lance, Jeff
Snort bild with MSSQL support Majwabu, Richard
RE: Snort bild with MSSQL support Schmehl, Paul L
Re: Snort Matt Kettler
Re: ACID Email alerts Lane LiaBraaten
Re: ACID Email alerts Ben Nelson
Spade/Spice and Snort? Mark . Schutzmann
Saturday, 01 November
Re: Failed Snort Installation Patrick Harper
[UPGRADING from 1.8.6] GDHough
RE: [UPGRADING from 1.8.6] Michael Steele
RE: Spade/Spice and Snort? Michael Steele
Re: [UPGRADING from 1.8.6] Patrick Harper
Strategic Change at Silicon Defense.com Michael Steele
Sunday, 02 November
Re: Installation of Snort Sensor edmund . li
RE: snort tcpdump binary file mirroing overnetwork. samwun
Re: [UPGRADING from 1.8.6] GDHough
RE: Spade/Spice and Snort? Mark . Schutzmann
Monday, 03 November
TCP header length exceeds packet length Erik Nyman
Strategic Change at Silicon Defense.com Michael Steele
Snort Install Pierce Chuck
TCP header length exceeds packet length Erik Nyman
session output Costas Magos
RE: Spade/Spice and Snort? Matt Kettler
RE: XML Plugins David Stubblefield
generic bpf_rules_file Bernard Duclot
Re: Snort-supported link-layer types Matt Kettler
Setting Up Policy-Based.rules file Kaplan, Andrew H.
Snort outside firewall Lane LiaBraaten
RE: Spade/Spice and Snort? Mark . Schutzmann
Re: session output Matt Kettler
Re: Setting Up Policy-Based.rules file Matt Kettler
Re: Snort outside firewall Mark . Schutzmann
RE: Setting Up Policy-Based.rules file Kaplan, Andrew H.
Snort on Zaurus ... jon baer
Re: Snort outside firewall Michael Sierchio
RE: Spade/Spice and Snort? Michael Steele
Update to previous e-mail Kaplan, Andrew H.
RE: Snort outside firewall Snort
Re: Update to previous e-mail Matt Kettler
RE: Spade/Spice and Snort? Michael Steele
RE: Update to previous e-mail Kaplan, Andrew H.
Re: TCP header length exceeds packet length mouss
Re: [Snort-sigs] anyone have a good Swen sig Brian A Kee
Re: TCP header length exceeds packet length Phil Wood
snort installation error edmund . li
Tuesday, 04 November
Re: snort installation error Ciprian Badescu
Snort Rules Fabio A. Bicudo Duarte
(no subject) Kaplan, Andrew H.
IDS Policy Manager 1.3.1 Build 46 Released Jeff Dell
RE: snort installation error Snort
welchia rule David Omar Ortega Aranda
RE: Snort Rules Snort
Re: session output Costas Magos
RE: [Snort-sigs] capture email Snort
Re: session output Costas Magos
Re: (no subject) Olaf Schreck
Snort 2.0.3 Chris Green
RE: welchia rule Schmehl, Paul L
Re: session output Erek Adams
Snort logging to encrypted MySQL (ssl) server? David DeCoster
RE: [Snort-sigs] capture email Snort
RE: [Snort-sigs] rules update question Snort
Re: Snort logging to encrypted MySQL (ssl) server? jon baer
Snort with IPSec Josh Berry
RE: welchia rule Leonard Miller
RE: RE: [Snort-sigs] capture email Schmehl, Paul L
Re: Snort logging to encrypted MySQL (ssl) server? Ben Nelson
Re: Snort logging to encrypted MySQL (ssl) server? David DeCoster
RE: Snort with IPSec O'Flynn, Derek
Re: Snort logging to encrypted MySQL (ssl) server? jon baer
RE: welchia rule Schmehl, Paul L
Re: Snort with IPSec Chris Green
Re: Snort logging to encrypted MySQL (ssl) server? David DeCoster
Re: Snort logging to encrypted MySQL (ssl) server? omi
Re: Snort with IPSec Josh Berry
Re: Snort with IPSec Matt Kettler
Snort, mysql and sockets _ 0kita
Re: Snort with IPSec Mark . Schutzmann
Re: Snort with IPSec Josh Berry
Snort logging to encrypted MySQL (ssl) server Jason Monroe "JC"
RE: welchia rule Leonard Miller
Compiling 2.0.3 (and 2.0.2) on Solaris 9 sparc Chris Garringer
RE: welchia rule John Impallomeni
RE: welchia rule Schmehl, Paul L
RE: welchia rule Schmehl, Paul L
Re: Compiling 2.0.3 (and 2.0.2) on Solaris 9 sparc Harry M. Leitzell III
RE: welchia rule, nachie and CyberKit 2.2 Jason Truong
Re: Snort with IPSec Jason Haar
2.0.3 strange problems Matt Kettler
Where to start snort from ????? kanwal
Re: Compiling 2.0.3 (and 2.0.2) on Solaris 9 sparc Erek Adams
RE: Where to start snort from ????? Michael Steele
Re: Snort with IPSec Frank Knobbe
Re: Snort logging to encrypted MySQL (ssl) server? Frank Knobbe
Upgrading to Snort 2.0.2 or 2.0.3 Egal A Egal - SA
Wednesday, 05 November
WINSNORT.com - Major Announcement - MSSQL Guides Michael Steele
Re: Compiling 2.0.3 (and 2.0.2) on Solaris 9 sparc Daniél Haslinger
Re: Snort logging to encrypted MySQL (ssl) server? Dirk Geschke
dropped packets Mark McDonagh
Fallacies and lies. Mark Penny
RE: Snort logging to encrypted MySQL (ssl) server? PPowenski
snort 2.0.3 on redhat 7.0 - seg. fault boka
RE: Fallacies and lies. Bob Walder
Improving overall performance of snort and stopping those drops Scott Zawalski
Re: Fallacies and lies. Edin Dizdarevic
Re: Improving overall performance of snort and stopping those drops Edin Dizdarevic
RE: Fallacies and lies. Rich Adamson
RE: (no subject) Kaplan, Andrew H.
Archive Leonard Miller
WINSNORT.com - Major Announcement - MSSQL Guides Michael Steele
Barnyard seems to do nothing Iain Hallam
looking into SNORT Scott Elgram
RE: RE: [Snort-sigs] capture email Ricardo Londono
Re: session output Costas Magos
Re: Archive Matt Kettler
Snort logging to encrypted MySQL (ssl) server? David DeCoster
Re: Upgrading to Snort 2.0.2 or 2.0.3 Erek Adams
RE: Fallacies and lies. Bob Walder
Re: Archive Erek Adams
Re: looking into SNORT Bryan Irvine
RE: looking into SNORT John Impallomeni
P2P Rules Martin Bündgens
Teaching Snort/Packet Analysis/Etc jon baer
RE: (no subject) Kaplan, Andrew H.
Re: looking into SNORT Mark . Schutzmann
Welchia/Nachi rule Schmehl, Paul L
Snort Wireless Sp0oKeR Labs
Test if Snort Work Correctly TOPTREND - Samuel de Oliveira
Re: Snort Wireless Michael Sierchio
Re: 2.0.3 strange problems Michael Scheidell
RE: welchia rule Mark . Schutzmann
Re: snort 2.0.3 on redhat 7.0 - seg. fault Erek Adams
Log all traffic? nick travis
Re: Log all traffic? Mark Nipper
Re: Fallacies and lies. Jason Haar
Re: Test if Snort Work Correctly Mark . Schutzmann
Re: [Snort-sigs] A tool like swatch Matt Kettler
Re: Log all traffic? Mark . Schutzmann
Re: Test if Snort Work Correctly Matt Kettler
Re: Log all traffic? Matt Kettler
Re: Log all traffic? Matt Kettler
Re: Snort Wireless jon baer
Re: Test if Snort Work Correctly jon baer
Re: Re: [Snort-sigs] A tool like swatch Edin Dizdarevic
Re: Log all traffic? jon baer
Re: output plugins... execute command? Matt Kettler
output plugins... execute command? David R.
Re: Snort with IPSec Josh Berry
Who doesn't care about virus rules, and why? kenw
Snort statistics in deamon mode BOUDON Franck TRANSPAC
RE: welchia rule Schmehl, Paul L
Re: Snort with IPSec Ravi Kumar
Re: Snort statistics in deamon mode Mark Nipper
SnortCenter can't control Snort Daniél Haslinger
RE: looking into SNORT Dingo
Thursday, 06 November
Re: 2.0.3 strange problems boka
Re: Snort logging to encrypted MySQL (ssl) server? boka
Problems compiling 2.0.3 on windows. snort user
RE: Fallacies and lies. Bob Walder
bittorrent generating alerts Daniel Guido
RE: Snort statistics in deamon mode Jeff Dell
RE: Who doesn't care about virus rules, and why? Williams Jon
RE: Snort bild with MSSQL support Majwabu, Richard
Re: Log all traffic? Sp0oKeR Labs
Building snort 2.0.3 on FreeBSD 4,8 Perrymon, Josh L.
Re: Who doesn't care about virus rules, and why? Iain Hallam
Re: Fallacies and lies. Marc Quibell
RE: Who doesn't care about virus rules, and why? Schmehl, Paul L
RE: Building snort 2.0.3 on FreeBSD 4,8 Schmehl, Paul L
RE: looking into SNORT Schmehl, Paul L
Re: Who doesn't care about virus rules, and why? kenw
General usage statistics Keith Irvin
A tool like swatch Sir Fenix
Log all nick travis
Fwd: Re: [Snort-sigs] A tool like swatch Sylvester
Re: [Snort-sigs] A tool like swatch Sir Fenix
strange behaviour of snort 2.0.3 lpj0508
Re: Building snort 2.0.3 on FreeBSD 4,8 Cristiano Deana
RE: Who doesn't care about virus rules, and why? Jason Haar
Re: Who doesn't care about virus rules, and why? Snortty
Barnyard Acid MySQL problem Billy Wright
RE: Who doesn't care about virus rules, and why? Williams Jon
Re: Barnyard Acid MySQL problem Robert Vance Jr
Re: 2.0.3 strange problems Michael Scheidell
RE: Barnyard Acid MySQL problem SRH-Lists
RE: Barnyard Acid MySQL problem SOLVED Billy Wright
Rule SID 1325 Matt Linton
logging to a remote MSSQL database Majwabu, Richard
Snort 2.0.4 Chris Green
trouble creating the ann-dir Rich Stryker
RE: Problems with the ordering inside the rules Adams, Samuel (contractor)
Re: Rule SID 1325 Brian
Re: Resolved- 2.0.3 strange problems Matt Kettler
Re: Problems with the ordering inside the rules Brian
Other patches I've not seen (was: Resolved- 2.0.3 strange problems) Kreimendahl, Chad J
Re: Other patches I've not seen Chris Green
RE: Other patches I've not seen Kreimendahl, Chad J
More explanation needed in Snort User Manual for "resp:"? Jason Haar
Windows 2.0.4 compile problems snort user
Re: More explanation needed in Snort User Manual for "resp:"? Jason Haar
Re: More explanation needed in Snort User Manual for "resp:"? Chris Green
Re: Snort 2.0.4 Daniel Wittenberg
Re: More explanation needed in Snort User Manual for "resp:"? Kristofer T. Karas
Re: More explanation needed in Snort User Manual for "resp:"? Jason Haar
Re: More explanation needed in Snort User Manual for "resp:"? Matt Kettler
MySQL Issues. Michael Thompson
Re: Welchia/Nachi rule Gabriel L. Somlo
Re: MySQL Issues. Craig Paterson
conversation and portscan2 timeout parameters Rohan Amin
Friday, 07 November
Re: Problems with the ordering inside the rules Sergio Talens-Oliag
Re:A tool like swatch Holger . Woehle
snort and proxy nosnos
Re: snort and proxy Michael Boman
snort email Nosnos
snort and email Nosnos
Re: snort and proxy Sp0oKeR Labs
Re: Snort Rules mouss
portscan traffic & acid wb
RE: RE: [Snort-users] Who doesn't care about virus rules, and why? Abe Use
PLEASE CC ME Stephan Weaver
My Snort get stuck when I stop/start many times. Pedro G . Méndez
RE: portscan traffic & acid Baxter, Anthony (ABAXTER)
Re: General usage statistics Harry M. Leitzell III
Re: MySQL Issues. Leonard Miller
Question about Ring PCAP\Snort\Environment Variables Mark Ewert
RE: Re: [Snort-users] Who doesn't care about virus rules, and why? Nick Duda
FlexResp Error snort
Question about Ring PCAP\Snort\Environment Variables Mark Ewert
Re: FlexResp Error jon baer
Re: Windows 2.0.4 compile problems snort user
Re: Question about Ring PCAP\Snort\Environment Variables Phil Wood
Followup question about Ring PCAP\Snort\Environment Variables Mark Ewert
RE: FlexResp Error snort
Ref Error 1067 Bill Kaminski
RE: Ref Error 1067 Michael Steele
Saturday, 08 November
Turbo patch/PACKET_RX_RING with 2.4.x kernels Scott Zawalski
Re: A tool like swatch Jim Brown
Re: PLEASE CC ME Leonard Miller
Re: PLEASE CC ME Sean Lazar
Re: PLEASE CC ME Erek Adams
Sunday, 09 November
installing snort with Mysql that has come with redhat 9 santosh bethi
Re: installing snort with Mysql that has come with redhat 9 Patrick Harper
Re: installing snort with Mysql that has come withredhat 9 jon baer
Re: Turbo patch/PACKET_RX_RING with 2.4.x kernels Phil Wood
Re: Message from the void Phil Wood
Monday, 10 November
Snort trap_snmp plugin jose alencar
scan.log and directory entry Robert Kriz
Snort not running Nyman Erik-IT-Enheten
RE: Snort not running Kaplan, Andrew H.
Packet size in snort log nick travis
RE: installing snort with Mysql that has come with redhat 9 Grejda, Eric
Re: Snort not running Josh Berry
Snort.conf variables Remus
Snort + Postgresql on Windows Erwin Van de Velde
Re: Snort not running Patrick Harper
RE: Snort not running Erik Nyman
RE: Snort not running Erik Nyman
Snort 2.0.4 on Solaris 8 John Creegan
Re: Snort.conf variables Matt Kettler
Re: Packet size in snort log Matt Kettler
RE: Snort not running Patrick Harper
Tuesday, 11 November
Setting Password for root while configuring mySQL santosh bethi
Re: Snort.conf variables Remus
Same SRC/DST 127.0.0.1 Derrenbacker, L. Jonathan
Alert_SMB Scott Elgram
Snort and Suse 8.2 wbnt
slahes in SQL statement a problem? Mike Couch
Re: Snort and Suse 8.2 Josh Berry
Re: Snort and Suse 8.2 Michael Schwartzkopff
Re: slahes in SQL statement a problem? jon baer
Re: Snort.conf variables Matt Kettler
Snort 2.0.4 and threshold Povel, Michael
Re: Snort.conf variables Erek Adams
RE: Snort 2.0.4 and threshold Marc Norton
RE: Setting Password for root while configuring mySQL Schmehl, Paul L
unknown keyword resp Hernandez, Marco
Re: unknown keyword resp Jeff Pricher
Re: unknown keyword resp Matt Kettler
RE: unknown keyword resp Hernandez, Marco
LogSnorter and Cisco router dlewis
Wednesday, 12 November
AW: Snort 2.0.4 and threshold Povel, Michael
Newbie Question on using snort IS Technical Services
p2p scans showing up as SCAN FIN and SCAN NMAP ?? John York
RES: Newbie Question on using snort Sp0oKeR Labs
Syn-Flood Frank Barton
Re: RES: Newbie Question on using snort Donna dm87
RE: RE: [Snort-users] Who doesn't care about virus r ules, and why? Williams Jon
RE: unknown keyword resp Matt Kettler
Re: Syn-Flood Matt Kettler
RE: Spade/Spice and Snort? Matt Kettler
Too much BAD TRAFFIC, LOOP TRAFFIC log messages MARIANO GABRIEL PARADA
Re: AW: Snort 2.0.4 and threshold Chris Green
New Sguil 0.3.0 Install Doc for FreeBSD 4.9 REL Richard Bejtlich
Re: Too much BAD TRAFFIC, LOOP TRAFFIC log messages Matt Kettler
basic question using idscenter Bruyere, Michel
Rob Flentge/Mechanicsburg/US/Exel is out of the office. Rob Flentge
snortsnarf problems Perrymon, Josh L.
Re: snortsnarf problems Matt Kettler
Re: Rob Flentge/Mechanicsburg/US/Exel is out of the office. [OT] Matt Kettler
Re: Rob Flentge/Mechanicsburg/US/Exel is out of the office. [OT] twig les
Thursday, 13 November
log messsage question Pete
question about TAG Slighter, Tim
Re: question about TAG Mark Nipper
Re: AW: Snort 2.0.4 and threshold Chris Green
Re: question about TAG Chris Green
RE: RE: [Snort-users] Who doesn't care about virus r ules, and why? Lohman, James
Re: basic question using idscenter Ueli Kistler
Xml output plugin for Win32 Carpenter, Scott (OCTO)
Standalone threshold Jason Linden
Re: [Snort-sigs] good settings for portscan preprocessor? Matt Kettler
Re: Xml output plugin for Win32 jon baer
Compiling under Debian... Tobias Rice
RE: Standalone threshold Schmehl, Paul L
RE: Standalone threshold adam.w.hogan
Re: Compiling under Debian... Alexander Schinner
Libnet make fatal error Shekar Reddy
Re: Compiling under Debian... Jon Hart
Re: Compiling under Debian... Tobias Rice
Snort/Logsnorter/PureSecure Cisco ACL's Dave Lewis
Friday, 14 November
Thanks to Patrick Harper Aryan D
not write alert file Hideki Hirata
Re: Libnet make fatal error Dirk Geschke
does snort detect ! Rahul
Nmap Gerson Sampaio
alert not write.!! Hideki Hirata
libnet fatal make error Shekar reddy
Alert Traffic Relative to Total Mark . Schutzmann
Re: not write alert file Matt Kettler
Re: does snort detect ! Matt Kettler
Re: Nmap Matt Kettler
Snort Machines Friesz, Ross
Re: 13. Snort Machines (Friesz, Ross) MARIANO GABRIEL PARADA
HELP! Is snort combining packets?? Sheahan, Paul
Flexible Response snort
Re: Snort Machines Stacy J. Brandenburg
Re: Snort Machines Duke Ionescu
Re: Flexible Response kongi
RE: Attack on snort running in Public Zone KS
Re: RE: Attack on snort running in Public Zone james
Newbie Cant run rules and needs config help Please attechni
Attack on snort running in Public Zone KS
stream4: logging characteristics Brian A Kee
packets sent to OWN IP Sharif Corinaldi
RE: RE: Attack on snort running in Public Zone Michael Steele
Re: RE: Attack on snort running in Public Zone Scot Scot
Re: Attack on snort running in Public Zone MH
RE: RE: Attack on snort running in Public Zone Michael Steele
RE: Attack on snort running in Public Zone Geoff Craig
Re: packets sent to OWN IP jon baer
RE: RE: Attack on snort running in Public Zone kanwal
Saturday, 15 November
Re: Rob Flentge/Mechanicsburg/US/Exel is out of the office. MH
[ACID-search-year] GDHough
Re: Nmap Mark Fagan
os x single user Donna dm87
Re: [ACID-search-year] Paul Schmehl
Sunday, 16 November
RE: RE: Attack on snort running in Public Zone james
RE: RE: Attack on snort running in Public Zone james
WINSNORT.com - Announcements (UNIX/Win32)! Michael Steele
Snort not outputting statistics on exit Mark Ewert
Figured it out!: Snort not outputting statistics on exit Mark Ewert
Re: Figured it out!: Snort not outputting statistics on exit Phil Wood
snort rules update Aryan D
Monday, 17 November
Re: snort rules update Dragos Ruiu
Re: not write alert file Hideki Hirata
Re: not write alert file Hideki Hirata
Re: Snort/Logsnorter/PureSecure Cisco ACL's Michael Scheidell
Strange Key Words wbradd
RE: RE: Attack on snort running in Public Zone james
snort drop rate cbit ian
RE: Attack on snort running in Public Zone Aaron
RE: Nmap Esler, Joel - Contractor
Re: Snort Machines Marc Quibell
Snort 2.0.4 on OpenBSD 3.4 is dropping packets dlbox
Re: not write alert file Josh Berry
database not getting updated M.D. DeWar
Multiple sensors - setup with SNORT and SNORTSNARF Rich Stryker
RE: Nmap MH
RE: Snort Machines Friesz, Ross
Re: packets sent to OWN IP Chris Green
Re: database not getting updated Josh Berry
How much can SNORT handle?? SNORT
Fiber Tap SNORT
RE: How much can SNORT handle?? Bob Walder
RE: Snort 2.0.4 on OpenBSD 3.4 is dropping packets JP Vossen
Time Based IDS Rules Josh Berry
graphing snort with acid M.D. DeWar
RE: Snort 2.0.4 on OpenBSD 3.4 is dropping packets SRH-Lists
Tuesday, 18 November
Re: not write alert file Hideki Hirata
ACID 0.9.6b24 inactive references link sebastien desse
SnortCenter : $EXTERNAL_NET value overwriten when updating configuration sebastien desse
RE: Time Based IDS Rules adam.w.hogan
Threshold/Suppression question Jason Linden
Wireless: Rules & Classification Christopher Lewis
var HTTP_PORTS and new rules Erik Nyman
Re: Attack on snort running in Public Zone crtech
RE: Attack on snort running in Public Zone Lucretia Enterprises Administrator
Suspected DoS: BAD TRAFFIC loopback traffic Bosse Klykken
AG M.D. DeWar
Re: Snort-users digest, Vol 1 #3751 - 9 msgs MARIANO GABRIEL PARADA
Re: Wireless: Rules & Classification jon baer
RE: Attack on snort running in Public Zone Michael Steele
New Email Address for cmg and other changes Chris Green
experimental ipv6 maxime feroul
RE: ACID 0.9.6b24 inactive references link Michael Steele
Re: Nmap Matt Kettler
Problem with Snort 2.0.4 and Snort Rules Mark Ewert
HP Printers - SNMP Public Access udp bdushok
Re: Strange Key Words Matt Kettler
Re: HP Printers - SNMP Public Access udp Mark . Schutzmann
Re: HP Printers - SNMP Public Access udp Jason
RE: Problem with Snort 2.0.4 and Snort Rules Mark Ewert
Re: Problem with Snort 2.0.4 and Snort Rules Matt Kettler
Re: Attack on snort running in Public Zone Matt Kettler
RE: Attack on snort running in Public Zone bmcdowell
Re: AG GDHough
wireless router with 4 port switch Fred McFeeters
RE: Attack on snort running in Public Zone Matt Kettler
RE: Attack on snort running in Public Zone Lucretia Enterprises Administrator
RE: Attack on snort running in Public Zone Jason Haar
Re: Attack on snort running in Public Zone Craig Paterson
password:curl: (6) Couldn't resolve host '' John Paul
Re: Problem with Snort 2.0.4 and Snort Rules Nigel Houghton
Wednesday, 19 November
Re: Nmap Mark Fagan
curl with ssl compilation problem Shekar reddy
Script for windows server Mario Guerendo
snortcenter install problem Shekar reddy
Snort on multiple interfaces STEPHEN W. COREY - 5535
RE: Attack on snort running in Public Zone Matt Kettler
curl with ssl problem Shekar Reddy
SNORT install problem Shekar Reddy
Re: Problem with Snort 2.0.4 and Snort Rules Matt Kettler
Re: Snort on multiple interfaces Martin Olsson
RE: Nmap bmcdowell
Re: Fiber Tap Matt Kettler
RE: Nmap Matt Kettler
Snort.conf Syntax Question Kaplan, Andrew H.
Re: Snort.conf Syntax Question Mark Nipper
Sec configuration file Sebastien Desse
Re: wireless router with 4 port switch Matt Kettler
snortcenter SWIT
Re: wireless router with 4 port switch twig les
rules error with @!#$ snortcenter SWIT
Re: Nmap Matt Kettler
Snort Optimization: Better to Pass a rule or Disable? Mark Ewert
help shut this line up: can't find httpd.h eric johnson
Re: help shut this line up: can't find httpd.h Paul Schmehl
how to convert tcpdump file back to its binary form Sarah Bassram
Thursday, 20 November
Porting of Snort on micro controller linux aravind babu
Re: snort rules update Aryan D
catching up on snort messages Jeff Nathan
RE: how to convert tcpdump file back to its binary form Richard Bejtlich
SNORT/LIBPCAP Lambeth, Darwin
Re: SNORT/LIBPCAP Edin Dizdarevic
SNORT and LIBPCAP Lambeth, Darwin
problem with snort installation Salvatore Pagano
installing snort - Red Hat 9 - basic questions Patrick Nicholls
Re: problem with snort installation Leonard Miller
RE: Nmap Marc Quibell
RE: SNORT and LIBPCAP Schmehl, Paul L
Attack on snort running in Public Zone crtech
compiling snort with --mssql option Majwabu, Richard
Snort 2.0.4 CPU Utilization\Optimization Mark Ewert
Re: compiling snort with --mssql option Leonard Miller
Re: compiling snort with --mssql option adam_peterson
Snort 2.0.5 has been released! Jeremy Hewlett
ACID Graphs Martin Jr., D. Michael
question about ICMP echo reply (undefinted code) rule Rob Burris
RE: Snort 2.0.4 CPU Utilization\Optimization Mark Ewert
RE: Snort 2.0.4 CPU Utilization\Optimization Kreimendahl, Chad J
Re: Libnet make fatal error Jeff Nathan
Re: question about ICMP echo reply (undefinted code) rule Matt Kettler
snort and suse 7.3 cat thrasher
Re: More explanation needed in Snort User Manual for "resp:"? Jeff Nathan
Re: snort and suse 7.3 Scott Zawalski
RE: ACID Graphs Mario Guerendo
How to read tdump.dat text file in snort? Sarah Bassram
Re: question about ICMP echo reply (undefinted code) rule Rob Burris
RE: snort and suse 7.3 Lambeth, Darwin
Linux Ring buffer packet capture vs. normal capture Scott Zawalski
Friday, 21 November
Re: Snort/Logsnorter/PureSecure Cisco ACL's Dave Lewis
Re: Snort 2.0.4 CPU Utilization\Optimization Edin Dizdarevic
Re: ACID Graphs cc
.i eth1 Timm Schneider
Re: Snort 2.0.4 CPU Utilization\Optimization Edin Dizdarevic
Monitoring traffic on 2 Interfaces Cabrera, Nestor (Contractor)
Snort logging problem Damiano Bolzoni
Design Document of Snort aravind babu
How to log on MySql Damiano Bolzoni
RE: Snort 2.0.4 CPU Utilization\Optimization Tim
How to stop snort? Damiano Bolzoni
Increase performance with filter or pass-rules Martin Olsson
RE: Snort 2.0.4 CPU Utilization\Optimization Mark Ewert
RE: Snort logging problem Bright, Mark IT2
RE: Monitoring traffic on 2 Interfaces Michael Steele
RE: How to log on MySql Snort
Re: Increase performance with filter or pass-rules Edin Dizdarevic
Snort Alerting issue ... Mark Fagan
Re: How to log on MySql jon baer
RE: Increase performance with filter or pass-rules SRH-Lists
RE: ACID Graphs Schmehl, Paul L
Re: .i eth1 Matt Kettler
Re: Snort 2.0.4 CPU Utilization\Optimization Edin Dizdarevic
Re: Snort 2.0.4 CPU Utilization\Optimization Matt Kettler
RE: Snort 2.0.4 CPU Utilization\Optimization Mark Ewert
RE: Snort 2.0.4 CPU Utilization\Optimization Kreimendahl, Chad J
Re: Snort 2.0.4 CPU Utilization\Optimization Jason Haar
Saturday, 22 November
Thresholding Erwin Van de Velde
RE: How to log on MySql Michael Steele
RE: How to log on MySql Michael Steele
Snort Alerting .. Mark Fagan
acid, postgres and freebsd Jeremy Hefner
Why are splay trees used in the preprocessors? Joe Smith
Why are splay trees used in the preprocessors? Joe Smith
got a little problem with acid and snort logging qodqod
RE: got a little problem with acid and snort logging Michael Steele
Sunday, 23 November
Re: Why are splay trees used in the preprocessors? Dragos Ruiu
RE: Why are splay trees used in the preprocessors? Jim Cervantes
Upgrading Snort 2.0.2 to 2.0.5 Derek (X-Networks)
compile error "parse error before `sa_family_t" mike
Re: Design Document of Snort Ravi Kumar
Monday, 24 November
Logging portscan on database Damiano Bolzoni
Visual layout of the db scheme (http://www.snort.org/docs/snortdb.png) Martin Olsson
Snort ICMP # 485 Timm Schneider
Testing problem, slow Bryan Taylor
Re: Logging portscan on database Leonardo Spalenza
RE: Visual layout of the db scheme (http://www.snort.org/docs/snortdb.png) Jeff Dell
Re: Snort ICMP # 485 Glenn Forbes Fleming Larratt
Size of RAM required to run Snort aravind babu
Re: Snort ICMP # 485 Timm Schneider
Re: Size of RAM required to run Snort Stein Boerge Sylvarnes
Testing problem bcptaylor
ANNOUNCEMENT: Snort-IDMEF-Plugin 1.2.1alpha released Sandro Poppi
Configuration of Flexresp2 Aryan D
Alert log file gandalf
Re: Size of RAM required to run Snort Matt Kettler
Re: Logging portscan on database Erwin Van de Velde
Snort Rules Singh,Manoj [Ontario]
Re: Logging portscan on database Josh Berry
small ? tomb
RE: small ? Jacob Roberts
small ? tomb
RE: small ? SRH-Lists
Demarc + Snort 2.0.4/5 Snort
IP country lookup tim0707
Trafic Filtering dlucio
Greetings list, this is my first post. Adriel T. Desautels
Re: Trafic Filtering Matt Kettler
Can Snort report on 'late collisions'? Bryce Stenberg
Re: Can Snort report on 'late collisions'? Matt Kettler
Snort 2.0.5 TCP Stream Fix Increases Performance Mark Ewert
Problem installing Barnyard with mySQL support Naman Latif
Re: Demarc + Snort 2.0.4/5 Kristofer T. Karas
Re: Problem installing Barnyard with mySQL support Adriel T. Desautels
Re: Demarc + Snort 2.0.4/5 Adriel T. Desautels
RE: Demarc + Snort 2.0.4/5 Snort
Re: Configuration of Flexresp2 Nerijus Krukauskas
Tuesday, 25 November
Re: Configuration of Flexresp2 Aryan D
RE: IP country lookup Potts, Ross A.
bad frag bits Samuel C. Adams
RE: IP country lookup Jeff Dell
Re: Problem installing Barnyard with mySQL support Christopher Lewis
Re: bad frag bits Brian
Re: bad frag bits Matt Kettler
Re: Configuration of Flexresp2 Jeff Nathan
snort inline && current rules. /dev/null
Can I still log every packet when thresholding the alerts? Williams Jon
ACID / ALERT console browsing issue Shekar Reddy
Re: Can Snort report on 'late collisions'? Bryce Stenberg
Re: snort inline && current rules. Matt Kettler
snort idmef plugin yuedong wu
Re: Can I still log every packet when thresholding the alerts? Jason Haar
Re: ACID / ALERT console browsing issue adam_peterson
does snort support token ring card Luo, Philip
Re: IP country lookup Tim
Re: snort inline && current rules. /dev/null
Re: snort inline && current rules. Jeff Nathan
Re: snort idmef plugin Matt Kettler
Re: snort inline && current rules. Matt Kettler
Multiple Win32 occurances? Rich Adamson
Re: does snort support token ring card Matt Kettler
Re: snort inline && current rules. /dev/null
RE: IP country lookup Matt Kettler
Re: Multiple Win32 occurances? Paul Schmehl
External Subnets adam_peterson
Re: External Subnets Matt Kettler
RE: Multiple Win32 occurances? Michael Steele
RE: Multiple Win32 occurances? Michael Steele
Re: External Subnets Erwin Van de Velde
RE: Multiple Win32 occurances? Paul Schmehl
Re: Multiple Win32 occurances? Rich Adamson
Re: External Subnets adam_peterson
RE: Multiple Win32 occurances? Michael Steele
Re: Multiple Win32 occurances? Paul Schmehl
RE: Multiple Win32 occurances? Paul Schmehl
Re: snort inline && current rules. Josh Berry
snort inline behavior /dev/null
AW: snort idmef plugin Poppi, Sandro
Wednesday, 26 November
Re: snort inline behavior /dev/null
Re: snort inline behavior Stephan Scholz
*very* many snort installations.. Mokum
Re: snort inline behavior /dev/null
Re: snort inline behavior Josh Berry
RE: Multiple Win32 occurances? Jacob Roberts
Re: snort inline behavior Stephan Scholz
Re: *very* many snort installations.. Shane Smith
flexresp - I have 2 stupid questions Rich Stryker
RE: Multiple Win32 occurances? Michael Steele
RE: *very* many snort installations.. Michael Steele
RE: Multiple Win32 occurances? Michael Steele
Snort Rules Singh,Manoj [Ontario]
Re: flexresp - I have 2 stupid questions Matt Kettler
RE: Multiple Win32 occurances? Schmehl, Paul L
RE: Snort Rules Michael Steele
MySQL Disconnects adam_peterson
Re: MySQL Disconnects Ben Nelson
Re: MySQL Disconnects/Mudpit adam_peterson
Re: Is it really a HUB? Petriz, Pablo
Re: Is it really a HUB? Matt Kettler
Passive Ethernet Tap. Peters, Michael D.
RE: MySQL Disconnects/Mudpit Michael Steele
RE: Multiple Win32 occurances? Michael Steele
Installing SnortCenter on a Windows 2000 machine Atkins, Dwane P
Re: [Snort-Users] Is it really a HUB? Finney Charles E
RE: Installing SnortCenter on a Windows 2000 machine Michael Steele
RE: flexresp - I have 2 stupid questions Rich Stryker
RE: flexresp - I have 2 stupid questions Matt Kettler
RE: flexresp - I have 2 stupid questions Michael Steele
Re: flexresp - I have 2 stupid questions Jeff Nathan
rules and the EXTERNAL_NET variable adam_peterson
RE: *very* many snort installations.. Jason Haar
RE: rules and the EXTERNAL_NET variable Schmehl, Paul L
Re: snort idmef plugin yuedong wu
See only code for php.test eric johnson
Any good tool for generating nice reports off a years worth of snort syslog data? Jason Haar
Thursday, 27 November
net.ipv4.ipfrag_time for Windows (and other OSs as well) Edin Dizdarevic
Question about negated and non-negated variables in rules J-H. Johansen
Re: Question about negated and non-negated variables in rules J-H. Johansen
RE: small ? tomb
snort & pppoe Jo
Re: Is it really a HUB? kenw
Snort not backdoored, Sourcefire not compromised Martin Roesch
Friday, 28 November
Re: Question about negated and non-negated variable s in rules corinth
Re: Announce: FLoP-1.0 --- Fast Logging Project for snort Dirk Geschke
Re: does snort support token ring card Martin Olsson
Announce: FLoP-1.0 --- Fast Logging Project for snort Dirk Geschke
MYSQL Error on Windows XP snort install Tim
Re: [Snort-Users] Is it really a HUB? kenw
OT but security related - world wide VPN /dev/null
Re: snort idmef plugin Matt Kettler
Re: does snort support token ring card Matt Kettler
RE: *very* many snort installations.. hugh_fraser
Re: Is it really a HUB? Matt Kettler
Re: Question about negated and non-negated variables in rules Matt Kettler
Re: [OT] Question about negated and non-negated variables in rules Matt Kettler
Re: Question about negated and non-negated variables in rules Jens-Harald Johansen
Re: Question about negated and non-negated variables in rules Matt Kettler
Re: Is it really a HUB? kenw
Re: Is it really a HUB? Matt Kettler
RE: Is it really a HUB? bmcdowell
Re: Is it really a HUB? kenw
new snort user Fred McFeeters
Saturday, 29 November
Re: new snort user james
Re: Question about negated and non-negated variables in rules Jens-Harald Johansen
ICMP REDIRECT HOST Paulius
Re: ICMP REDIRECT HOST Dirk Geschke
Re: ICMP REDIRECT HOST Paulius
Re: ICMP REDIRECT HOST Paulius
help Petrit Podrimja
snort-mysql, logging on TWO sql servers Michel Christophe
RE: help Michael Steele
Re: snort-mysql, logging on TWO sql servers Dirk Geschke
RE: snort-mysql, logging on TWO sql servers Michael Steele
RE: snort-mysql, logging on TWO sql servers Michael Steele
Thanks For All The Help (snort new user) Fred McFeeters
Sunday, 30 November
Rule to capture only packets with certain content/bytes Admin
snort 2.0.5 --with-mysql on a debian-system christian graf
Re: Rule to capture only packets with certain content/bytes Brian
Monday, 01 December
Again Gerson Sampaio
[Fwd: Re: snort-mysql, logging on TWO sql servers] Michel Christophe
Passive Tap Help Peters, Michael D.
Re: Question about negated and non-negated variables in rules Matt Kettler
Re: Question about negated and non-negated variables in rules J-H. Johansen
Re: Question about negated and non-negated variables in rules Matt Kettler
RE: Passive Tap Help Peters, Michael D.
Re: Passive Tap Help Frank Knobbe
Sig for Windows messenger service direct access? Gary Flynn
RE: Passive Tap Help Lists
RE: Passive Tap Help Frank Knobbe
RE: Passive Tap Help Frank Knobbe
Re: Passive Tap Help kenw
RE: Passive Tap Help Lists
RE: Passive Tap Help Frank Knobbe
Re: Passive Tap Help Jeff Nathan
Re: Passive Tap Help Frank Knobbe
RE: Passive Tap Help Frank Knobbe
Re: snort idmef plugin yuedong wu
(no subject) CGhercoias
SnortCenter and SnortSam unknown index
Re: snort idmef plugin Craig Paterson
Slightly OT: high speed packet generation software doug
Re: (no subject) Matt Kettler
Re: [Snort-sigs] PCRE Rules and hexa Jeremy Hewlett
Re: (no subject) Jim Brown
RE: Passive Tap Help Dirk Geschke
RE: Passive Tap Help Frank Knobbe
RE: Slightly OT: high speed packet generation softw are larosa, vjay
sguil.tk error sigtraq
Just one rule Marcin Krawiec
Tuesday, 02 December
passive tap christian graf
Re: Slightly OT: high speed packet generation software Dirk Geschke
Re: Announce: FLoP-1.0 --- Fast Logging Project for snort Dirk Geschke
Re: Slightly OT: high speed packet generation software Peter Schawacker
Re: Announce: FLoP-1.0 --- Fast Logging Project for snort (fwd) Dirk Geschke
Re: *very* many snort installations.. Adriel T. Desautels
Problem with compiling snort dunervst
Re: Announce: FLoP-1.0 --- Fast Logging Project for snort Bamm Visscher
RE: Problem with compiling snort Grejda, Eric
Problem with compiling snort dunervst
[Fwd: RE: Problem with compiling snort] Cedric Foll
conflict with alert types Jordi Vidal
Re: [Fwd: RE: Problem with compiling snort] Cedric Foll
need help jeremy chartier
Re: conflict with alert types Martin Olsson
Re: conflict with alert types Jordi Vidal
Re: sguil.tk error Bamm Visscher
Reporting - Network Analyzers Mike Koponick
Re: Passive Tap Help Jeff Nathan
Re: Reporting - Network Analyzers jon baer
Newbie Snort Questions Naman Latif
Oinkmaster v0.9 released. Andreas Östling
postgresql backend Nicholas Bernstein
Re: postgresql backend John Creegan
RE: Reporting - Network Analyzers James M. Driskell
Re: postgresql backend Bryan Irvine
Re: postgresql backend Frank Knobbe
RE: Reporting - Network Analyzers twig les
RE: MYSQL Error on Windows XP snort install Bright, Mark IT2
acid, sig_priority Nicholas Bernstein
Re: acid, sig_priority Chris Green
RE: MYSQL Error on Windows XP snort install Michael Steele
RE: MYSQL Error on Windows XP snort install Bright, Mark IT2
Re: MYSQL Error on Windows XP snort install Tim
Re: MYSQL Error on Windows XP snort install Jim Brown
RE: MYSQL Error on Windows XP snort install Bright, Mark IT2
Wednesday, 03 December
Re: Snort-users digest, Vol 1 #3790 - 8 msgs dunervst
RE: MYSQL Error on Windows XP snort install Michael Steele
RE: MYSQL Error on Windows XP snort install Michael Steele
RE: MYSQL Error on Windows XP snort install Michael Steele
RE: Passive Tap Help Frank Knobbe
RE: MYSQL Error on Windows XP snort install Jacob Roberts
XEXCH50 evasion rule parse problems? Erik Norman
Problem with compiling snort dunervst
Slightly OT: high speed packet generation Nordwall, Douglas J
Problem with SWATCH for Snort logs. Pedro G . Méndez
Re: Re: ACID / ALERT console browsing issue Josh Berry
Re: Any good tool for generating nice reports off a years worth of snort syslog data? Chris Keladis
snort & pppoe Jo
Makefile, line 484: Unexpected ... Sebastian Juraszek
RE: Re: ACID / ALERT console browsing issue Schmehl, Paul L
RE: MYSQL Error on Windows XP snort install snortmail
NMAP alerts bdushok
RE: Makefile, line 484: Unexpected ... Grime, Richard S
[snort-mysql] logging OK to logfile, not to mysql database Michel Christophe
rule update causes seg fault Josh . Sakofsky
RE: MYSQL Error on Windows XP snort install Bright, Mark IT2
oinkmaster Nicholas Bernstein
spp_rpc_decode Schmehl, Paul L
re: oinkmaster adam_peterson
Re: oinkmaster Andreas Östling
Question about hardware and software requirement for Snort 2.0.5 Ganbold
Re: snort idmef plugin yuedong wu
Re: Question about hardware and software requirement for Snort 2.0.5 twig les
Re: Slightly OT: high speed packet generation Jim Brown
Corrupt Snort Logging - Win32 Terminal Server 2000 Jim Robinson
Re: [snort-mysql] logging OK to logfile, not to mysql database Josh Berry
RE: Corrupt Snort Logging - Win32 Terminal Server 2000 Michael Steele
Re: spp_rpc_decode Josh Berry
RE: [snort-mysql] logging OK to logfile, not to mysql database Michael Steele
Thursday, 04 December
Snort and L2 Cache Irwan Hadi
RE: [snort-mysql] logging OK to logfile, not to mysql database Michel Christophe
RE: Corrupt Snort Logging - Win32 Terminal Server 2000 Jim Robinson
same source and destination Petrit Podrimja
Re: Snort and L2 Cache Brian . Cook
RE: Corrupt Snort Logging - Win32 Terminal Server 2000 John Tapparo
Re: postgresql backend Per-Erik Persson
RE: slashes in SQL statement a problem? wfz
Snort on OpenBSD -- finding mysqlclient library dlbox
Snort not working with mysql on a redhat machine Thomas Los
Snort Alert Help for Rule : SID=2 Naman Latif
RE: Snort on OpenBSD -- finding mysqlclient library robert schwartz
RE: Corrupt Snort Logging - Win32 Terminal Server2000 Michael Steele
RE: Snort Alert Help for Rule : SID=2 Jeff Dell
mysql.sock not found Shashank Bhide
RE: Snort Alert Help for Rule : SID=2 Naman Latif
RE: Snort on OpenBSD -- finding mysqlclient library dlbox
Re: Snort on OpenBSD -- finding mysqlclient library Jeff Nathan
FW:[Snort-users] RE: slashes in SQL statement a problem? wfz
RE: FW:[Snort-users] RE: slashes in SQL statement a problem? Michael Steele
RE: rule update causes seg fault McGuire, Dennis
RE:RE: [Snort-users] FW:[Snort-users] RE: slashes in SQL statement a problem? wfz
Log Rotation Keaton, Lindamaria
RE: RE:RE: [Snort-users] FW:[Snort-users] RE: slashes in SQL statement a problem? Michael Steele
arpspoof plug-in adam_peterson
Re: mysql.sock not found Dirk Geschke
Re: Snort and L2 Cache Dirk Geschke
Re: Snort and L2 Cache Matt Kettler
Re: Log Rotation JP Vossen
Friday, 05 December
Re: Log Rotation Stephane Nasdrovisky
(no subject) wfz
Re: Log Rotation (fwd) JP Vossen
flags SYN question... gfyspf () yahoo com
Re: flags SYN question... Brian
Re: Problem with compiling snort Dave Ellingsberg
Re: flags SYN question... Matt Kettler
Fast log but with payload size Damiano Bolzoni
Remote Sensor?? kerberos K
RE: Log Rotation Keaton, Lindamaria
RE:[Snort-users] Remote Sensor?? wfz
RE: Log Rotation JP Vossen
SHELLCODE Attacks Naman Latif
Re: SHELLCODE Attacks Matt Kettler
Re: SHELLCODE Attacks Erwin Van de Velde
Re: SHELLCODE Attacks Matt Kettler
Re: SHELLCODE Attacks Jeff Nathan
[Off topic] Traffic analysis Erwin Van de Velde
RE: RE:[Snort-users] Remote Sensor?? kerberos K
Re: SHELLCODE Attacks Matt Kettler
AW: snort & pppoe Jo
RE: SHELLCODE Attacks Naman Latif
Windows 2000 Terminal Snort Issues Jim Robinson
Pre-Processor Alerts based on Traffic Flow Direction Naman Latif
RE: Re: Log Rotation (fwd) Michael Steele
RE: [Off topic] Traffic analysis Richard Bejtlich
RE: [Off topic] Traffic analysis Richard Bejtlich
Re: spp_rpc_decode Jeremy Hewlett
Re: spp_rpc_decode Paul Schmehl
Saturday, 06 December
Re: spp_rpc_decode Chris Green
Sunday, 07 December
Paul CTR Passey/AEA/CNTR/FAA is out of the office. Paul . CTR . Passey
Monday, 08 December
Re: [Snort-devel] number of packets processed is mis-calculated under Linux Phil Wood
-l parameter adam_peterson
Re: -l parameter Dirk Geschke
Re: -l parameter Chris Keladis
Re: -l parameter adam_peterson
RE: -l parameter Michael Steele
Re: [Snort-sigs] To drop packets JP Vossen
Help Libalele, Silulami S
Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Landon Stewart
Tuesday, 09 December
RE: Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Tim
Snort-reports update Pieter Claassen
html post question Rich Adamson
Re: -l parameter adam_peterson
Re: -l parameter John Creegan
Improving ACID DB Performance via Plug-In Keith W. McCammon
RE: -l parameter Ed Callahan
Re: html post question Matt Kettler
Re: Help Patrick S. Harper - CISSP
Re: Help Milo Velimirovic
MSSQL, linux, odbc Ryan Potts
To discuss: FLoP and missing database Dirk Geschke
snort-users () lists sourceforge net sama
Re: snort-users () lists sourceforge net Matt Kettler
Re: snort-users () lists sourceforge net twig les
Re: -l parameter adam_peterson
Re: -l parameter twig les
Re: Help Patrick S. Harper - CISSP
RE: -l parameter Ed Callahan
RE: Help Libalele, Silulami S
Wednesday, 10 December
Re: -l parameter Dirk Geschke
Re: [Snort-devel] To discuss: FLoP and missing database (fwd) Dirk Geschke
RE: -l parameter Antonio Costa
Re: Help David Alonso De La Vega Tapage
Snort 1.8.7 does not log anything (OS: SuSE 8.1) Ralf Mellis
Prelude Hybrid IDS Mahdi Kefayati
IMAGES? Libalele, Silulami S
RE: Snort 1.8.7 does not log anything (OS: SuSE 8.1) Michael Steele
Re: Prelude Hybrid IDS Matt
starting snort-Mysql on Mandrake 9.2 Michel Christophe
Re: starting snort-Mysql on Mandrake 9.2 Dirk Geschke
Re: IMAGES? Matt Kettler
Snort IDS Lambeth, Darwin
Re: Snort IDS Matt Kettler
Snort Sensor Hardware Jason Alexander
RE: Snort IDS Lambeth, Darwin
RE: Snort Sensor Hardware robert schwartz
Re: Snort Sensor Hardware Matt Kettler
RE: Snort Sensor Hardware CGhercoias
RE: Snort Sensor Hardware SRH-Lists
RE: Snort Sensor Hardware Michael Steele
RE: Snort Sensor Hardware Matt Kettler
RE: Snort Sensor Hardware CGhercoias
Remote NIDS Grammer, Christopher S
Re: Snort Sensor Hardware Brian
Re: Snort Sensor Hardware Jason Alexander
Re: Snort Sensor Hardware Matt Kettler
Re: Remote NIDS Sp0oKeR Labs
Database output Erwin Van de Velde
Snort, Mysql purging Jack Snedecor
Visual Basic excel graph Mario Guerendo
Re: Snort, Mysql purging Josh Berry
Re: Snort, Mysql purging Frank Knobbe
src/snortman.tex Ted Rolle
RE: Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Val P
RE: Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Michael Steele
Re : src/snortman.tex Saravanan
Re: Snort-users digest, Vol 1 #3813 - 6 msgs Arif OZGUR
Thursday, 11 December
Re: src/snortman.tex Dirk Geschke
Re: Remote NIDS Dirk Geschke
Snort deamon mode packet drop's statistic Thomas Reisinger
Re: Snort deamon mode packet drop's statistic Dirk Geschke
os fingerprinting again Raber
Re: Snort 1.8.7 does not log anything (OS: SuSE 8.1) Ralf Mellis
Re: Database output Dirk Geschke
RE: Snort deamon mode packet drop's statistic Thomas Reisinger
Re: Snort, Mysql purging Mark Fagan
Re: Snort deamon mode packet drop's statistic Dirk Geschke
Alerting concept... peter . grosse-hering
RE: Snort deamon mode packet drop's statistic Thomas Reisinger
a couple of questions Giannakis Eleftherios
Re: Snort Sensor Hardware Jason
Possible false positive? Harry M
Re: Snort 1.8.7 does not log anything (OS: SuSE 8.1) Ralf Mellis
Rule causes a Segmentation Fault SN ORT
Re: Database output Erwin Van de Velde
Re: Database output Dirk Geschke
Re: Snort deamon mode packet drop's statistic Dirk Geschke
Re: a couple of questions Matt Kettler
RE: Snort deamon mode packet drop's statistic Michael Steele
RE: Snort 1.8.7 does not log anything (OS: SuSE 8.1) Michael Steele
RE: Database output Hutchinson, Andrew
Re: Database output Erwin Van de Velde
Re: Database output Erwin Van de Velde
Office application cause false Nachi signature Elijah Savage
RE: a couple of questions DeBerry, Casey
sniffing on two NIC simultaneously KS
Re: Snort 1.8.7 does not log anything (OS: SuSE 8.1) JP Vossen
Re: Possible false positive? Josh Berry
RE: Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Jason Haar
Re: Remote NIDS Paul Schmehl
Re: sniffing on two NIC simultaneously Matt Kettler
FW: Snortsnarf: First_Last undefined David Newsom
RE: FW: Snortsnarf: First_Last undefined Michael Steele
RE: Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Landon Stewart
RE: Looking for recommendations for distributed Snort GiGE Sensors (network architecture described in message) Landon Stewart
RE: FW: Snortsnarf: First_Last undefined Michael Steele
Syslog Alert format? JP Vossen
RE: IMAGES? Libalele, Silulami S
Runtime memory problem with snort-inline 2.0.2 aravind babu
Problem !! Pass command doesn't work 이지훈
RE: IMAGES? Michael Steele
Friday, 12 December
Re: a couple of questions Giannakis Eleftherios
Re: Office application cause false Nachi signature Brian
Re: Syslog Alert format? Ralf Spenneberg
Re: Using ACID AND SnortSnarf - How? Ralf Spenneberg
Top rules Ed Smith
error M.D. DeWar
Re: error Matt Kettler
HP Digital Sender Michael . Mulholland
RE: error Mike Koponick
Re: HP Digital Sender Matt Kettler
(no subject) Andrew Sergeyev
0.x.x.x source IP snort
Some odd traffic. Matt Linton
Snort-Mysql and ssl Michel Christophe
Re: Some odd traffic. twig les
Using ACID AND SnortSnarf - How? Ralf Henze
MySQL Connection Dropping adam_peterson
RE: Pushing MAC addreses from Snort into SQL .. Michael Chapman
Re: Snort 2.1 Jeremy Hewlett
snort just stop when more 32000 alerts (different IPs) aregenerated maguiler () cantv net
Re: snort just stop when more 32000 alerts (different IPs) aregenerated twig les
Re: 0.x.x.x source IP Rob Schrack
(no subject) Russell Fulton
Snort 2.1 Kerry Cox
Saturday, 13 December
Re: Snort 1.8.7 does not log anything (OS: SuSE 8.1) Ralf Mellis
Newbie question on gnutella rule Chris Hoover
Snort and APF firewall Virgil Iancu
Snort and APF firewall Virgil Iancu
Re: Newbie question on gnutella rule Josh Berry
plain text in content option triggering false alerts Dan
Help!!! Mario Guerendo
Re: Snort and APF firewall Matt Kettler
portscan2 log alerts Virgil Iancu
Re: Newbie question on gnutella rule Michael Boman
Sunday, 14 December
Getting Snort to work with http://www.mynetwatchman.com/ news
Rule to pass ARP? Toby Rodwell
Re: Rule to pass ARP? Matt Kettler
RE: Rule to pass ARP? Toby Rodwell
Problem in accessing ACID homepage Ramesh Patil
Monday, 15 December
Logging of TCP and UDP packets? Libalele, Silulami S
Problem with settin up Snort on win XP Sjögren Claes
SMTP subject tracking Keith Irvin
RE: Possible false positive? Harry M
Strange ICMP traffic. Perhaps a worm? Harry M
snort just stop when more 32000 alerts (different IPs) aregenerated maguiler () cantv net
RE: Problem with settin up Snort on win XP Michael Steele
ACID & MySQL (Sensor) David Newsom
RE: Strange ICMP traffic. Perhaps a worm? adam.w.hogan
Re: Strange ICMP traffic. Perhaps a worm? Shane Smith
RE: Strange ICMP traffic. Perhaps a worm? CGhercoias
Import 1 snortdb into another for "1 place monitoring" STEPHEN W. COREY - 5535
RE: ACID & MySQL (Sensor) Michael Steele
RE: Strange ICMP traffic. Perhaps a worm? Jack McCarthy
unknown preprocessor "http_inspect" Dirk Sachse
RE: Import 1 snortdb into another for "1 place monitoring" Michael Steele
RE: unknown preprocessor "http_inspect" Michael Steele
Re: unknown preprocessor "http_inspect" Ralf Spenneberg
RE: ACID & MySQL (Sensor) David Newsom
exact phrase match Dan
Re: exact phrase match Matt Kettler
Re: exact phrase match Brian
Re: exact phrase match Sean Lazar
Re: exact phrase match Divyang Desai
Re: exact phrase match Paul Schmehl
Re: exact phrase match Nerijus Krukauskas
Tuesday, 16 December
Re: exact phrase match Brian
Upgrading Snortalog.pl v1.9 to v2.0.0??? Snortty
Cutia sigura Virgil Iancu
Re: exact phrase match adam_peterson
Not logging ICMP with logto: Toby Rodwell
Re: Remote Sensor?? Valter Santos
Re: Upgrading Snortalog.pl v1.9 to v2.0.0??? jérémy chartier
oinkmaster.conf enterred disablesid - get enbalbed Snortty
Re: oinkmaster.conf enterred disablesid - get enbalbed Andreas Östling
New version of FLoP: 1.0.6 Dirk Geschke
rpm installation mysql support Richard Worwood
Re: rpm installation mysql support Daniel Wittenberg
Re: rpm installation mysql support twig les
Re: Help!!! Jim Brown
Re: Strange ICMP traffic. Perhaps a worm? Jim Brown
Wednesday, 17 December
Updating signatures in IDS policy Manager Michael . Mulholland
RE: Updating signatures in IDS policy Manager Jeff Dell
Snort Database Joshua R. Jones
WEB-MISC ?open access Elena Escolano Torner
multiple ports in rule Bryan Irvine
ARP poisoning and sniffing in a Switched Network CGhercoias
Problem with "Established" keyword Ryan Russell
Rule order? Toby Rodwell
Re: ARP poisoning and sniffing in a Switched Network twig les
Re: multiple ports in rule Matt Kettler
ACID - PHP Mike Koponick
Weird stuff when compiling snort w/ MySQL support Michael Chapman
Another Not IPv4 Datagram Mike Maki
RE: Weird stuff when compiling snort w/ MySQL support Michael Chapman
CanSecWest/core04 Really Really Last CFP Dragos Ruiu
Re: Problem with "Established" keyword Chris Green
Re: Problem with "Established" keyword Ryan Russell
Re:Snort-users digest, Vol 1 #3831 - 5 msgs Richard St John
Thursday, 18 December
running snort under LIDS Raber
Re: Rule order? Ralf Spenneberg
Re: ACID - PHP Daniel A. Melo
Barnyard 0.1.0 and the "unable to find mysqlclient library" issue John Whitson
Snort 2.1.0 is now available! Jeremy Hewlett
Snort 2.0.6 is available! Jeremy Hewlett
Re: Problem with "Established" keyword Chris Green
W32/Sober.b snort rule jbendure
Snort on Suse linux 9.0 KS
bad calculation of the amount of drop Roberto Bosticardo
Re: ACID - PHP tslighter
Supress creation of directories by ip Cedric Foll
Re: Supress creation of directories by ip twig les
W32/Yaha-Y Worm jbendure
RE: W32/Yaha-Y Worm CGhercoias
RE: W32/Yaha-Y Worm CGhercoias
Re: running snort under LIDS Demetri Mouratis
New Version Timm Schneider
Re: New Version Jeremy Hewlett
RE: New Version Michael Chapman
RE: New Version Michael Chapman
re: Snort 2.1.0 is now available! adam_peterson
Re: New Version Timm Schneider
RE: re: Snort 2.1.0 is now available! Kreimendahl, Chad J
Re: New Version Bennett Todd
RE: RE: [Snort-users] re: Snort 2.1.0 is now available! Kreimendahl, Chad J
Re: exact phrase match Dan
RE: RE: [Snort-users] re: Snort 2.1.0 is now available! adam_peterson
RE: exact phrase match Schmehl, Paul L
PCRE plugin for exact phrase match Dan
Friday, 19 December
snort 2.1.0 does not compile on FreeBSD 4.8 henk
Version 2.1.0 -u switch Brian Blake
Re: PCRE plugin for exact phrase match Brian
Re: snort 2.1.0 does not compile on FreeBSD 4.8 Bamm Visscher
Re: snort 2.1.0 does not compile on FreeBSD 4.8 Bamm Visscher
Acid access problem! lsderio lsderio
Re: Acid access problem! Erwin Van de Velde
Re: Re: [Snort-users] snort 2.1.0 does not compile on FreeBSD 4.8 Jeremy Hewlett
RE: Acid access problem! CGhercoias
Snort 2.0.5 dropping packets Sheahan, Paul
flow and flow-portscan in Snort 2.1 Matthew L. McCarty
No alert_smb in 2.1.0? Mike Maki
Re: Snort 2.0.5 dropping packets Matt Kettler
Snort 2.1.0 with snortcenter v1.0 Friesz, Ross
PCRE adam.w.hogan
Re: No alert_smb in 2.1.0? Matt Kettler
RE: Snort 2.1.0 with snortcenter v1.0 Jim Cervantes
Re: PCRE Brian
Re: RE: [Snort-users] re: Snort 2.1.0 is now available! Jacques Brierre
snort 2.1.0 compile issues Jeremy Hewlett
Re: snort 2.1.0 compile issues Bamm Visscher
MYSQL Error Dan Ferris
ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Brian Toovey
(no subject) JP Vossen
Saturday, 20 December
Re: No alert_smb in 2.1.0? Frank Knobbe
Re: No alert_smb in 2.1.0? Brian
question about spp stream4 retransmission Michel Christophe
Re: MYSQL Error Paul Schmehl
Re: ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Paul Schmehl
Re: snort 2.1.0 compile issues Jeremy Hewlett
Re: NMAP alerts Maarten Van Horenbeeck
Re: RE: BAD-TARFFIC Loopback traffic JP Vossen
Re: No alert_smb in 2.1.0? Frank Knobbe
Re: snort 2.1.0 compile issues Henk Wevers
problem with Netssl Giannakis Eleftherios
ICMP Time-To-Live Exceeded in Transit Erwin Van de Velde
Re: ERROR: ERROR /snortcenter/rules/snort.eth0.conf (88): Bad arguments to byte_test: Brian Toovey
Sunday, 21 December
Snort 2.1.0 + Solaris issues Erek Adams
Re: [Snort-devel] Snort 2.1.0 + Solaris issues Jeremy Hewlett
Snort, SuSE, Novell and Ximian Tom Fulton
RE: Snort, SuSE, Novell and Ximian Jerry Shenk
RE: ACID - PHP Jerry Shenk
RE: snort just stop when more 32000 alerts (different IPs) aregenerated Jerry Shenk
Turning off signatures Jeff Kell
Re: Turning off signatures twig les
Monday, 22 December
Re: Acid access problem! Mark Fagan
Re: snort just stop when more 32000 alerts (different IPs) aregenerated J-H. Johansen
ICMP L3retriever Ping Özgüç Bayrak
RE: ICMP L3retriever Ping Jordan, Jason A
flow-portscan data Matthew L. McCarty
Re: flow-portscan data Matt Kettler
Issue with SNORT running for more that 3-4 days Kumar, Manoj
(no subject) Kumar, Manoj
Combining two FreeBSD interfaces using Netgraph, part 2 Richard Bejtlich
Re: flow-portscan data Matthew L. McCarty
Fix for 2.1 sp_session.c Kenneth Ingham
Tuesday, 23 December
snort 2.01 + guardian 1.7 and 1.6 problem mik sib
Tagged packets in logs Russell Fulton
ICMP Time-To-Live Exceeded in Transit Erwin Van de Velde
Re: ICMP Time-To-Live Exceeded in Transit Edin Dizdarevic
Flexresp2 installation and configuration Problem RAJNEEL DHOTRE
Re: ICMP Time-To-Live Exceeded in Transit Erwin Van de Velde
Re: ICMP Time-To-Live Exceeded in Transit Edin Dizdarevic
Rules Gerson Sampaio
RE: Tagged packets in logs Grejda, Eric
RE: Rules CGhercoias
Performance again Edin Dizdarevic
Re: Performance again Brian
Re: Rules Matt Kettler
Re: Flexresp2 installation and configuration Problem Matt Kettler
ERROR /etc/snort/snort.eth1.conf (88): Mike Philip
Re: Performance again Edin Dizdarevic
Re: ERROR /etc/snort/snort.eth1.conf (88): Matt Kettler
[OT] broken autoresponder to list posts at ofcom.org.uk Matt Kettler
Re: Performance again Matt Kettler
Re: Performance again Edin Dizdarevic
Re: Performance again Matt Kettler
Re: Rules Andreas Östling
Snort mysql with no ip interface snort
Re: Performance again Lawrence Reed
Suppression how-to help Bradberry, John
Re: Performance again Edin Dizdarevic
Access is denied Takisha Harper
BAD-TRAFFIC loopback traffic Alert is NOW TFTPGET passwd Matthew L. McCarty
RE: BAD-TRAFFIC loopback SRH-Lists
Re: Performance again Matt Kettler
Help to configure SNORT Lorenzo Rossi
Re: Help to configure SNORT Matt Kettler
Re: Help to configure SNORT Lorenzo Rossi
heavily switched networks Stewart Larsen
Re: heavily switched networks twig les
Problem with snort 2.1.0 and redhat 9 Lang Hoang
error: unknown keyword resp agnelo d
Wednesday, 24 December
Re: Problem with snort 2.1.0 and redhat 9 Erek Adams
Re: heavily switched networks Stewart Larsen
Re: heavily switched networks Erek Adams
Re: Help to configure SNORT Matt Kettler
Re: heavily switched networks Stewart Larsen
compiling snort 2.1 Victor Lamptey
Re: heavily switched networks Erek Adams
Re: heavily switched networks twig les
RE: Problem with snort 2.1.0 and redhat 9 Lang Hoang
RE: Problem with snort 2.1.0 and redhat 9 Erek Adams
Bad Traffic, Port 0 Martin Bündgens
Re: Bad Traffic, Port 0 Matt Kettler
Wanting to run Snort on DMZ Michael Thompson
Re: Bad Traffic, Port 0 Stewart Larsen
Re: Bad Traffic, Port 0 Martin Bündgens
heavily switched networks Russell Fulton
Re: Bad Traffic, Port Josh Berry
Re: Wanting to run Snort on DMZ Josh Berry
Re: Bad Traffic, Port Martin Bündgens
Re: 2 Wanting to run Snort on DMZ mike
Snort on home DSL connection Bell, Josh
Thursday, 25 December
Snort-Snmp Glenn Mansfield Keeni
Re: Flexresp2 installation and configuration Problem RAJNEEL DHOTRE
Re: Bad Traffic, Port 0 Erwin Van de Velde
Re: Snort on home DSL connection Erek Adams
snort: unknown keyword resp agnelo d
Friday, 26 December
snort speed snort
error : unknown keyword resp Agnelo D'souza
Saturday, 27 December
Build problem (Snort 2.1.0, pcre 4.3) Jeff Kell
Sunday, 28 December
Help with config Michael Thompson
Re: Help with config Rich Adamson
droped packets khaled fawzy
Re: Help with config peter
RE: Snort on home DSL connection Bell, Josh
snort: unknown keyword resp Avinash K
unknown keyword resp Avinash K
Snort is not logging my port scans Abe Froman
Snort not logging port scans Abe Froman
Monday, 29 December
Snort restart? Özgüç Bayrak
SWATCH or a program to send the alerts to my mail! soldier Mx
Is it an real attack ? RSA
Re: SWATCH or a program to send the alerts to my mail! Edin Dizdarevic
Re: Snort restart? Edin Dizdarevic
Re: Flexresp2 installation and configuration Problem Matt Kettler
Choosing Linux Platform for a Snort deployment John Cunningham
Re: Choosing Linux Platform for a Snort deployment Bennett Todd
CyberKit 2.2 Ping, its driven me Nuts.. Chris N
Re: CyberKit 2.2 Ping, its driven me Nuts.. Roberto Suarez Soto
Re: CyberKit 2.2 Ping, its driven me Nuts.. Erwin Van de Velde
Re: CyberKit 2.2 Ping, its driven me Nuts.. Bryan Irvine
Re: CyberKit 2.2 Ping, its driven me Nuts.. Erwin Van de Velde
Re: CyberKit 2.2 Ping, its driven me Nuts.. Erwin Van de Velde
RE: CyberKit 2.2 Ping, its driven me Nuts.. CMartin
Re: CyberKit 2.2 Ping, its driven me Nuts.. dlbox
RE: CyberKit 2.2 Ping, its driven me Nuts.. Michael Steele
Re: CyberKit 2.2 Ping, its driven me Nuts.. Bryan Irvine
RE: CyberKit 2.2 Ping, its driven me Nuts.. Bryan Irvine
Re: Is it an real attack ? Nigel Houghton
RE: CyberKit 2.2 Ping, its driven me Nuts.. Thompson, Jimi
Re: snort speed Matt Kettler
Re: droped packets Matt Kettler
Re: CyberKit 2.2 Ping, its driven me Nuts.. Matthew L. McCarty
Snortsam / Portscanning Detection Tuomas Groves
Re: CyberKit 2.2 Ping, its driven me Nuts.. Alexander Hampel
SID 1841 Romano, Chris
SID 1841 Romano, Chris
RE: Snort, SuSE, Novell and Ximian Steve Knoch
Snort 2.1 Problems with unicode.map Mark Totsch
IDS Robert A. Desautels
Re: IDS Matthew L. McCarty
RE: CyberKit 2.2 Ping, its driven me Nuts.. CGhercoias
Re: IDS ***Spoofed Message*** Adriel T. Desautels
Re: Snortsam / Portscanning Detection Frank Knobbe
RE: Snort 2.1 Problems with unicode.map CMartin
Re: Archive? Jeff Kell
xml plugin Neal Timm
error in webmin agnelo d
Tuesday, 30 December
WinSnort and MSSQL Problem Uso
Re: SCAN UPnP service discover attempt Michael . Mulholland
RE: Re: SCAN UPnP service discover attempt Brian F. Vaughan
Re: SCAN UPnP service discover attempt Michael . Mulholland
RE: Snort 2.1 Problems with unicode.map STEPHEN W. COREY - 5535
Snort Upgrade and Flexresp Aryan D
Snort mysql with no ip interface Scott Carpenter
ID'ing loopback spoof Blake.Fithen
Win32 Error: service is not responding to the control function Michael Steele
where can I find ms_unicode_generator.c for snort-2.1.0 Koay Y.Chen
Re: CyberKit 2.2 Ping, its driven me Nuts.. lindsay . hunt
SNORT Fortune 1000 auto17766
Help to configure SNORT Lorenzo Rossi
(http\_inspect) NON-RFC DEFINED CHAR Martin Hess
rule in web-iis.rules causes snort 2.0.0 to die Crowell, Gary
Snort - mysql configuration missing mysql.h header files obelknobe 1
spp_portscan2 and 2.0.6 Ron Shuck
Win32 Error: service is not responding to the control function michaels
snort 2.1.0 + OpenBSD = no compile spoofy
heavily switched network questions Stewart Larsen
Barnyard 0.1.0 and the "unable to find mysqlclient library" issue John Whitson
RE: (http\_inspect) NON-RFC DEFINED CHAR CMartin
Re: (http\_inspect) NON-RFC DEFINED CHAR Jeff Kell
Re: snort 2.1.0 + OpenBSD = no compile Dirk Geschke
RE: error in webmin Shaffer, Paul D
Managing many sensors robert schwartz
RE: WinSnort and MSSQL Problem Michael Steele
RE: Win32 Error: service is not responding to the control function snortmail
RE: WinSnort and MSSQL Problem snortmail
Bus error on Solaris/Sparc with spo_database.c Paul van Empelen
RE: WinSnort and MSSQL Problem Chris Reid
Re: Snort-users digest, Vol 1 #3857 - 5 msgs adam_peterson
ATTACK-RESPONSES id check returned root Romano, Chris
Re: ATTACK-RESPONSES id check returned root sam
FW: (http\_inspect) NON-RFC DEFINED CHAR CMartin
RE: WinSnort and MSSQL Problem Michael Steele
Re: FW: (http\_inspect) NON-RFC DEFINED CHAR Jeff Kell
Re: heavily switched network questions Josh Berry
Thresholding the Cyberkit ICMP Ping rule Brice B
Re: WinSnort and MSSQL Problem Uso
RE: WinSnort and MSSQL Problem Michael Steele
Re: WinSnort and MSSQL Problem Uso
Re: WinSnort and MSSQL Problem Brice B
Wednesday, 31 December
SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Chris N
Anybody using the react keyword in 2.1? David Gianndrea
RE: WinSnort and MSSQL Problem Majwabu, Richard
RE: WinSnort and MSSQL Problem Shaffer, Paul D
Re: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. Jeff Kell
RE: SUMMARY, CyberKit 2.2 Ping, its driven me Nuts.. bmcdowell
Re: heavily switched network questions Josh Berry
Help henrique
Re: SNORT Fortune 1000 tetsujin
Re: Snortsam / Portscanning Detection christian graf
Snor logging to mysql with no ip on monitored interface snort
RE: heavily switched network questions SRH-Lists
RE: Snor logging to mysql with no ip on monitored interface Shaffer, Paul D
Http_inspect: allow_proxy_use/no_alerts Martin McKeay
New Snort User Benny Late
RE: WinSnort and MSSQL Problem Michael Steele
RE: Snor logging to mysql with no ip on monitored interface Michael Steele
RE: Snor logging to mysql with no ip on monitored i nterface CMartin
TCP Data Offset is less than 5 Gabriel L. Somlo
Re: Flexresp2 installation and configuration Problem Jeff Nathan
Threshold settings Jeff Kell
Oinkmaster Oddity Thompson, Jimi
RE: WinSnort and MSSQL Problem Michael Steele
re: http\_inspect alerts adam_peterson
RE: re: http\_inspect alerts CMartin
re: http\_inspect alerts adam_peterson
RE: http\_inspect alerts CMartin
RE: Snort logging to mysql with no ip on monitored interface snort
RE: Snort logging to mysql with no ip on monitored interface snort
RE: Snort logging to mysql with no ip on monitored interface snort