Snort mailing list archives
Latest Snort 2.1.x on Solaris 8, Can anyone confirm please?
From: Snortty <cwcwcwg () yahoo com>
Date: Fri, 19 Mar 2004 06:04:20 -0800 (PST)
--- "Daniel J. Roelker" <droelker () sourcefire com> wrote:
This is a problem with all events that are not rule related events. I'll fix this up before 2.1.1 goes out. Thanks for pointing it out. Dan On Wed, 2004-01-14 at 17:48, Andreas Ãstling wrote:On Wed, 14 Jan 2004, Daniel J. Roelker wrote:Any other suggestions that users want in 2.1.1for http_inspect orotherwise, please let us know.Unfortunately I've not had a chance to play muchwith http_inspect yet soforgive me if I'm lost here, but one thing seems abit strange to me.For clients that send multiple requets in the sametcp stream, two alertswill be generated for the same request. First forthe actual packetcontaining the bad request and then for therebuilt client stream whichobviously contains the same request again amongother stuff.Is this the expected behaviour? (I have examples with packet dumps if needed) /Andreas-- Daniel Roelker Software Developer Sourcefire, Inc.
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users __________________________________ Do you Yahoo!? Yahoo! Mail - More reliable, more storage, less spam http://mail.yahoo.com ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Problems with snort-2.1.0 Schmehl, Paul L (Jan 12)
- <Possible follow-ups>
- RE: Problems with snort-2.1.0 Daniel J. Roelker (Jan 14)
- RE: Problems with snort-2.1.0 Andreas Östling (Jan 14)
- RE: Problems with snort-2.1.0 Daniel J. Roelker (Jan 15)
- Latest Snort 2.1.x on Solaris 8, Can anyone confirm please? Snortty (Mar 19)
- RE: Problems with snort-2.1.0 Andreas Östling (Jan 14)
- RE: Problems with snort-2.1.0 Schmehl, Paul L (Jan 14)
- RE: Problems with snort-2.1.0 DM (Jan 14)