Snort mailing list archives
(http_inspect) NON-RFC HTTP DELIMITER
From: Peggy Kam <ppkam () n-dsi com>
Date: Mon, 01 Mar 2004 15:52:21 -0500
Hi, Does anyone know which rule triggers the following alert? [**] [119:13:1] (http_inspect) NON-RFC HTTP DELIMITER [**]03/01-15:36:12.922251 0:A:E6:89:42:65 -> 0:40:F4:6B:59:55 type:0x800 len:0x5E 192.168.22.30:4497 -> 192.168.22.205:80 TCP TTL:128 TOS:0x0 ID:57615 IpLen:20 DgmLen:80 DF
***AP*** Seq: 0x6D579DE1 Ack: 0x83A999D7 Win: 0x4470 TcpLen: 20 I do not seem to find the rule anywhere that triggers that. Thanks in advance, Peggy ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- SNORT has memory leak on Linux Red hat 9 Kumar, Manoj (Feb 27)
- Re: [Snort-devel] SNORT has memory leak on Linux Red hat 9 Ian Macdonald (Feb 27)
- Re: SNORT has memory leak on Linux Red hat 9 ypwhich (Feb 27)
- Re: SNORT has memory leak on Linux Red hat 9 twig les (Feb 27)
- <Possible follow-ups>
- RE: SNORT has memory leak on Linux Red hat 9 SN ORT (Mar 01)
- (http_inspect) NON-RFC HTTP DELIMITER Peggy Kam (Mar 01)