Snort: by date

• RSS Feed
• About List
• All Lists

Previous period

Next period

1000 messages starting Apr 01 10 and ending Jun 30 10
Date index | Thread index | Author index

Thursday, 01 April

Re: Hello akos . daniel
Re: Hello Mike Lococo
http_header issues, Snort 2.8.5.3 evilghost () packetmail net
Re: http_header issues, Snort 2.8.5.3 Will Metcalf
Re: http_header issues, Snort 2.8.5.3 evilghost () packetmail net
Re: http_header issues, Snort 2.8.5.3 Mike Cox
Re: http_header issues, Snort 2.8.5.3 L0rd Ch0de1m0rt
Re: http_header issues, Snort 2.8.5.3 Jason Brvenik
Re: http_header issues, Snort 2.8.5.3 L0rd Ch0de1m0rt
Re: http_header issues, Snort 2.8.5.3 Steven Sturges
Re: http_header issues, Snort 2.8.5.3 evilghost () packetmail net
Re: http_header issues, Snort 2.8.5.3 Jason Brvenik
Re: http_header issues, Snort 2.8.5.3 Jeff Kell
Re: http_header issues, Snort 2.8.5.3 Russ Combs
snort on ossim Kaushal Shriyan
Re: http_header issues, Snort 2.8.5.3 Will Metcalf
Re: http_header issues, Snort 2.8.5.3 Paul Schmehl
Re: http_header issues, Snort 2.8.5.3 Paul Schmehl
Re: http_header issues, Snort 2.8.5.3 Jason Brvenik
Issue with Wireless Monitoring Paul K
Re: HTTP preprocessor and POST data Xavi Garcia
Re: snort on ossim Kaushal Shriyan

Friday, 02 April

Re: Hello vishesh kumar
Gmail https access fires "WEB-MISC SSLv2 openssl get shared ciphers overflow attempt" rule Miguel Rubio-Roy
Re: Snort as an anomalous behavior IDS Jason Haar
Re: Hello Matt Olney
Re: Hello vishesh kumar
help me sir koko koko
Re: Snort as an anomalous behavior IDS Willst Mail
Re: Snort as an anomalous behavior IDS Joel Esler
IDS behind a web gateway Nate Hausrath
Re: IDS behind a web gateway Joel Esler
Re: Snort as an anomalous behavior IDS Jason Haar
Unable to download VRT Rules Garland, Ken R
Re: Issue with Wireless Monitoring Alan Ptak
Re: Snort as an anomalous behavior IDS Paul Schmehl

Sunday, 04 April

question policy default snort Ricardo Barbosa
Snorby with barnyard Kum Weng Luey

Monday, 05 April

Re: question policy default snort Alex Kirk
Re: Snorby with barnyard Joel Esler
IDSCenter or ACID ??? Alejandro Cabrera Obed
Re: IDSCenter or ACID ??? Joel Esler
Re: Snorby with barnyard JJ Cummings
Hogger 0.2.0 released Crook, Parker
Best way to deploy snort Kum Weng Luey
Re: Best way to deploy snort Glenn English
Re: Snorby with barnyard Kum Weng Luey

Tuesday, 06 April

Re: Help to run snort on linux machine sri harsha
Pin snort single processor Jason Wallace
Re: Pin snort single processor JJ Cummings
Re: Pin snort single processor Jason Wallace
Re: Pin snort single processor Edward Bjarte Fjellskål
Re: Help to run snort on linux machine Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-04-06 Research
Re: Best way to deploy snort Paul Schmehl
SID 13923 - Bad Rule evilghost () packetmail net
Snort throughput performance question. Andy Berryman
Re: SID 13923 - Bad Rule evilghost () packetmail net
Re: Sourcefire VRT Certified Snort Rules Update 2010-04-06 L0rd Ch0de1m0rt
Re: Sourcefire VRT Certified Snort Rules Update 2010-04-06 Eoin Miller
Re: SID 13923 - Bad Rule Patrick Mullen
Re: SID 13923 - Bad Rule evilghost () packetmail net
Re: SID 13923 - Bad Rule Matt Olney
Re: Best way to deploy snort Kum Weng Luey
Re: Help to run snort on linux machine sri harsha
Re: Help to run snort on linux machine Edward Bjarte Fjellskål
Re: Help to run snort on linux machine Alan Ptak

Wednesday, 07 April

Re: Help to run snort on linux machine sri harsha
Re: Help to run snort on linux machine Nick Moore
Re: Help to run snort on linux machine Joel Esler
Re: Help to run snort on linux machine Adam Richards
Worth upgrading from 2.8.5.2 to 2.8.5.3? Andy Berryman
Re: Pin snort single processor Will Metcalf
Re: Worth upgrading from 2.8.5.2 to 2.8.5.3? Nigel Houghton
Re: Worth upgrading from 2.8.5.2 to 2.8.5.3? Matt Olney
VRT SO Rule SID: 10127 Causing Segfault on Snort 2.8.5-3 infosec posts
Re: VRT SO Rule SID: 10127 Causing Segfault on Snort 2.8.5-3 Nigel Houghton
Re: VRT SO Rule SID: 10127 Causing Segfault on Snort 2.8.5-3 Patrick Mullen
barnyard 2 not outputing logs to mysql Kum Weng Luey
Re: Worth upgrading from 2.8.5.2 to 2.8.5.3? Andy Berryman
Re: barnyard 2 not outputing logs to mysql JJ Cummings
Re: barnyard 2 not outputing logs to mysql Kum Weng Luey
Re: barnyard 2 not outputing logs to mysql JJ Cummings
Re: Worth upgrading from 2.8.5.2 to 2.8.5.3? Nigel Houghton
Re: Worth upgrading from 2.8.5.2 to 2.8.5.3? Andy Berryman
Re: Worth upgrading from 2.8.5.2 to 2.8.5.3? Nigel Houghton
Snort inline SLOW Tomás Heredia
Re: Snort inline SLOW Tomás Heredia
Re: Snort inline SLOW Tomás Heredia
Re: VRT SO Rule SID: 10127 Causing Segfault on Snort 2.8.5-3 infosec posts
Packet Performance Monitoring Question... Edward Bjarte Fjellskål
Re: Snort inline SLOW Will Metcalf
Snorby problems. Kum Weng Luey
Can Snort monitor multiple VLANs on a VM? Jun Wan

Thursday, 08 April

Need help - TCP Stream5 Parag Pote
How can i log detection time? 김무성
Re: Need help - TCP Stream5 Matt Olney
Re: Need help - TCP Stream5 Matt Olney
Re: Snort inline SLOW Tomás Heredia
Re: Need help - TCP Stream5 Joel Esler
Re: Snorby problems. JJ Cummings
[HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam Hafez Kamal
[HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam Hafez Kamal
Looking for HTTP POST's over 1mb in size JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: Looking for HTTP POST's over 1mb in size evilghost () packetmail net
Re: Looking for HTTP POST's over 1mb in size Rodrigo Montoro(Sp0oKeR)
Re: [Snort-sigs] Looking for HTTP POST's over 1mb in size JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: Looking for HTTP POST's over 1mb in size evilghost () packetmail net
Re: Looking for HTTP POST's over 1mb in size David . R . Wharton
Sourcefire VRT Certified Snort Rules Update 2010-04-08 Research
Re: Looking for HTTP POST's over 1mb in size 김무성
FP on SID 16409;rev:1; Jason Haar
Re: Snorby problems. Kum Weng Luey
Re: Looking for HTTP POST's over 1mb in size L0rd Ch0de1m0rt
Re: Looking for HTTP POST's over 1mb in size Matt Olney
Re: Looking for HTTP POST's over 1mb in size evilghost () packetmail net
Re: FP on SID 16409;rev:1; Alex Kirk
Re: Looking for HTTP POST's over 1mb in size Alex Kirk
Re: Looking for HTTP POST's over 1mb in size Matt Olney
Re: Looking for HTTP POST's over 1mb in size evilghost () packetmail net
Re: FP on SID 16409;rev:1; Jason Haar
Re: FP on SID 16409;rev:1; Matt Olney

Friday, 09 April

Re: Can Snort monitor multiple VLANs on a VM? Jun Wan
Author SNORT books- Packt Publishing. Kshipra Singh
Re: Snort-users Digest, Vol 47, Issue 17 Sunil.V.Gurlahosur
Re: Snort-users Digest, Vol 47, Issue 17 Joel Esler
Re: Looking for HTTP POST's over 1mb in size L0rd Ch0de1m0rt
[Fwd: [Snort-users] Packet Performance Monitoring Question...] Edward Bjarte Fjellskål
Re: Snort-users Digest, Vol 47, Issue 15 Sunil.V.Gurlahosur
unsubscribe Furio Penteriani
Re: Snort-users Digest, Vol 47, Issue 15 Will Metcalf
Re: unsubscribe evilghost () packetmail net
Re: unsubscribe Matt Olney
Richard Tyrrell/Telford/Syan Ltd is out of the office. Richard Tyrrell
Re: Can Snort monitor multiple VLANs on a VM? elof
Trailing headers on chunked requests not part of http_header buffer? Will Metcalf
Re: Can Snort monitor multiple VLANs on a VM? Jun Wan
Re: unsubscribe Shirk Dog
FW: Can Snort monitor multiple VLANs on a VM? Jun Wan
Re: Can Snort monitor multiple VLANs on a VM? Jun Wan
Strata Guard Randal T. Rioux

Saturday, 10 April

Re: unsubscribe Jamie
IBM DotStar Randal T. Rioux

Sunday, 11 April

does anybody know about this log? 김무성
FW: does anybody know about this log? 김무성

Monday, 12 April

Trouble in triggering the snort rule to detect FTP Brute Force attack manjushree ks
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack Eoin Miller
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack Nigel Houghton
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack L0rd Ch0de1m0rt
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack evilghost () packetmail net
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack Joel Esler
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack Joel Esler
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack evilghost () packetmail net
VRT Rules - Download Not Working Garland, Ken R
Re: VRT Rules - Download Not Working Nigel Houghton
Re: VRT Rules - Download Not Working Garland, Ken R
Re: VRT Rules - Download Not Working Nigel Houghton
Re: VRT Rules - Download Not Working Joel Esler
Re: VRT Rules - Download Not Working Garland, Ken R
Snort Rules Update BROKE Billy Marshall
Re: VRT Rules - Download Not Working Joel Esler
Re: Snort Rules Update BROKE Joel Esler
Re: Snort Rules Update BROKE CunningPike
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack CunningPike
Re: Trouble in triggering the snort rule to detect FTP Brute Force attack evilghost () packetmail net

Tuesday, 13 April

throughput of snort usually(and with specific rules) d a
Re: [Snort-devel] throughput of snort usually(and with specific rules) Jules Disso
Re: throughput of snort usually(and with specific rules) L0rd Ch0de1m0rt
Server lists defrined in snort.conf Alejandro Cabrera Obed
Re: Server lists defrined in snort.conf Joel Esler
Re: Server lists defrined in snort.conf Alejandro Cabrera Obed
Re: Server lists defrined in snort.conf Joel Esler
Has a rule been created for this? Adam Richards
Re: [Snort-users] throughput of snort usually(and with specific rules) Joel Esler
Re: Has a rule been created for this? evilghost () packetmail net
Re: Has a rule been created for this? Adam Richards
Re: Has a rule been created for this? evilghost () packetmail net
Re: throughput of snort usually(and with specific rules) d a
Re: Server lists defrined in snort.conf Colin Grady
Sourcefire VRT Certified Snort Rules Update 2010-04-13 Research
Re: [Snort-sigs] throughput of snort usually(and with specific rules) Joel Esler
Problems with snort 2.8.5.3 LibVersion Lawrence R. Hughes, Sr.
Re: Problems with snort 2.8.5.3 LibVersion Joel Esler
Re: Problems with snort 2.8.5.3 LibVersion zultan
PEAR graph Kum Weng Luey
Help needed with SNORT Inline Piyush Joshi

Wednesday, 14 April

Re: PEAR graph Nick Moore
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Russ Combs
Re: Sourcefire VRT Certified Snort Rules Update 2010-04-13 infosec posts
Re: Sourcefire VRT Certified Snort Rules Update 2010-04-13 Nigel Houghton
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net
snort.conf compatibility Billy Marshall
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Nigel Houghton
Re: Sourcefire VRT Certified Snort RulesUpdate2010-04-13 evilghost () packetmail net
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Jeff Nathan
Re: snort.conf compatibility JJ Cummings
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 chris . kniseley
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Jeff Nathan
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Patrick Mullen
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 infosec posts
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Edward Bjarte Fjellskål
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Edward Bjarte Fjellskål
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Rodrigo Montoro(Sp0oKeR)
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net
Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Russ Combs
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Edward Bjarte Fjellskål
Re: [Fwd: [Snort-users] Packet Performance Monitoring Question...] Edward Bjarte Fjellskål
HTTP Signature not triggering JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: HTTP Signature not triggering Will Metcalf
Re: HTTP Signature not triggering JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: HTTP Signature not triggering Will Metcalf
Current VRT keeps using threshold (in rule)? Javier Romero
Re: Current VRT keeps using threshold (in rule)? Joel Esler
Re: HTTP Signature not triggering Will Metcalf
Re: HTTP Signature not triggering JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: HTTP Signature not triggering JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: HTTP Signature not triggering JOSH RIVEL, BLOOMBERG/ 731 LEXIN
why can't IPS update? Jamie A. Stapleton

Thursday, 15 April

Re: why can't IPS update? Nick Moore
Re: why can't IPS update? justin joseph
Re: Current VRT keeps using threshold (in rule)? Patrick Mullen
Snort Timestats Going Once ... Russ Combs
Snort for Windows with FlexResp/FlexResp2 Doug Potter
Sourcefire VRT Certified Snort Rules Update 2010-04-15 Research
http-inspect sig id Snort Alert 21 Russell Fulton
Remote viewing of Snorby Kum Weng Luey
How to search for SID? Chong Lee Poh

Friday, 16 April

Re: http-inspect sig id Snort Alert 21 Nigel Houghton
Re: How to search for SID? Rodrigo Montoro(Sp0oKeR)
Re: How to search for SID? Joel Esler
undefined symbol: LibVersion error David Holder
Re: undefined symbol: LibVersion error JJ Cummings
Re: undefined symbol: LibVersion error David Holder
Re: undefined symbol: LibVersion error JJ Cummings
False positives with SID 16533? Andy Berryman
Re: False positives with SID 16533? Matt Watchinski
Re: False positives with SID 16533? Andy Berryman

Sunday, 18 April

Re: undefined symbol: LibVersion error David Holder
Re: undefined symbol: LibVersion error Richard Bejtlich
Re: undefined symbol: LibVersion error JJ Cummings

Monday, 19 April

Bridge Help Piyush Joshi
Weird happenings redwookie
Re: Weird happenings Russ Combs
Re: Weird happenings redwookie
Re: Weird happenings Joel Esler
Re: Weird happenings redwookie
Re: Weird happenings Russ Combs
Re: Weird happenings Burks, Doug
Re: Weird happenings Red Wookie
Re: Weird happenings Russ Combs

Tuesday, 20 April

Unable to view snorby remotely Kum Weng Luey
[Oisf-announce] Suricata 0.8.2 released! Matt Jonkman
Re: Weird happenings redwookie
Re: Weird happenings Russ Combs
Re: Weird happenings JOSH RIVEL, BLOOMBERG/ 731 LEXIN
Re: Unable to view snorby remotely Joel Esler
Re: Unable to view snorby remotely Dustin Webber
Snort 2.8.5.3 does not like default global telnet config?? Joe Pampel
Re: Snort 2.8.5.3 does not like default global telnet config?? Russell Fulton
Count TCP requeriments to server. Guillermo Morales
Re: Snort 2.8.5.3 does not like default global telnet config?? Joe Pampel
Re: Snort 2.8.5.3 does not like default global telnet config?? Joel Esler
Re: Snort 2.8.5.3 does not like default global telnet config?? Joe Pampel

Wednesday, 21 April

Re: Count TCP requeriments to server. L0rd Ch0de1m0rt
Re: Count TCP requeriments to server. Guillermo Morales
Re: Count TCP requeriments to server. L0rd Ch0de1m0rt
Snort: undefined symbol: LibVersion Pat McNamara
Re: Snort: undefined symbol: LibVersion Joel Esler

Thursday, 22 April

Base and emailing alerts Pat McNamara
Snort inline mode Unable to create netlink socket Jose Valdivia
Re: Base and emailing alerts Joel Esler
Snort_inline initialize Fábio Ferrão
Re: Base and emailing alerts Will Metcalf
Re: Count TCP requeriments to server. Guillermo Morales
Re: Snort inline mode Unable to create netlink socket Joel Esler
Re: Snort_inline initialize Joel Esler
Re: Snort_inline initialize Joel Esler
rpm vs tarball Gregory Zill
OS Memory usage: 32bits vs. 64bits Jonathan Saint-Léger
Re: OS Memory usage: 32bits vs. 64bits Steven Sturges
[HITB-Announce] HITBSecConf2009 - Malaysia Videos Released! Hafez Kamal
[HITB-Announce] HITBSecConf2009 - Malaysia Videos Released! Hafez Kamal
[HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials Hafez Kamal
[HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials Hafez Kamal
[HITB-Announce] HITB eZine Issue 002 out now! Hafez Kamal
[HITB-Announce] HITB eZine Issue 002 out now! Hafez Kamal

Friday, 23 April

Re: rpm vs tarball Nick Moore
Re: Snort inline mode Unable to create netlink socket Safwat Fahmy
Re: rpm vs tarball Ryan Jordan
Pattern Matching in encoded Shellcode felix.matenaar@rwth-aachen
Re: Pattern Matching in encoded Shellcode felix.matenaar@rwth-aachen

Saturday, 24 April

Re: Pattern Matching in encoded Shellcode felix.matenaar@rwth-aachen
Re: Pattern Matching in encoded Shellcode Matt Olney
New in using snort by some troubles supercodeing35271 supercodeing35271

Sunday, 25 April

recent vrt updates disable many rules (web-iis, web-cgi, web-misc etc) monitz
Re: New in using snort by some troubles Joel Esler
david facon Ilo Lorusso
Snort isn't logging to snort.log but is to snort.alert ccie 6862
Re: Snort isn't logging to snort.log but is to snort.alert Joel Esler
Re: Snort isn't logging to snort.log but is to snort.alert ccie 6862
Does anyone use swatch? ccie 6862
Re: Does anyone use swatch? Will Metcalf
Re: recent vrt updates disable many rules (web-iis, web-cgi, web-misc etc) Alex Kirk
Re: recent vrt updates disable many rules (web-iis, web-cgi, web-misc etc) monitz

Monday, 26 April

Are the rules not being read? Eric Zheng
Re: Are the rules not being read? Alex Kirk
Re: Are the rules not being read? Joel Esler
Re: recent vrt updates disable many rules (web-iis, web-cgi, web-misc etc) Joel Esler
Snort 2.8.6 RC Now Available Snort Releases
Snort 2.8.6 RC Now Available Snort Releases
Re: Snort 2.8.6 RC Now Available Ryan Jordan
Snort 2.8.6 Now Available Snort Releases
Snort 2.8.6 Now Available Snort Releases
Sourcefire VRT Certified Snort Rules Update 2010-04-26 Research
RegisterRuleOption from 2.8.5.x to 2.8.6 Luis Daniel Lucio Quiroz
Re: RegisterRuleOption from 2.8.5.x to 2.8.6 Ryan Jordan
different places fro dynamicpreprocesors in 2.6 Luis Daniel Lucio Quiroz
Re: different places fro dynamicpreprocesors in 2.6 Joel Esler
Re: different places fro dynamicpreprocesors in 2.6 Luis Daniel Lucio Quiroz
Re: different places fro dynamicpreprocesors in 2.6 Joel Esler
snort 2.8.6 problems Lawrence R. Hughes, Sr.
Re: different places fro dynamicpreprocesors in 2.6 Luis Daniel Lucio Quiroz
Re: snort 2.8.6 problems Joel Esler
Re: Are the rules not being read? Eric Zheng

Tuesday, 27 April

snort 2.8.5.3 with react keyword not sending msg to browser RMS, Admin
Re: snort 2.8.5.3 with react keyword not sending msg to browser Joel Esler
Re: snort 2.8.5.3 with react keyword not sending msg to browser Joel Esler
Re: snort 2.8.5.3 with react keyword not sending msg to browser RMS, Admin
Re: snort 2.8.5.3 with react keyword not sending msg to browser Joel Esler
Re: snort 2.8.5.3 with react keyword not sending msg to browser Nerijus Krukauskas
Re: snort 2.8.5.3 with react keyword not sending msg to browser Russ Combs
pulledpork 0.4.1 Release JJ Cummings
TR: snort 2.8.5.3 with react keyword not sending msg to browser RMS, Admin
Re: snort 2.8.5.3 with react keyword not sending msg to browser RMS, Admin
2.8.6 errors Bruce A. Sanders
Re: 2.8.6 errors Joel Esler
snort 2.8.6 inline mode issues Lawrence R. Hughes, Sr.
Upgrade from 2.5.8.1 to 2.8.6 and no alerts! Chambers, Richard A. (LARC-B703)[RAYTHEON TECHNICAL SERVICES COMPANY]
Re: Upgrade from 2.5.8.1 to 2.8.6 and no alerts! Joel Esler
Re: Upgrade from 2.5.8.1 to 2.8.6 and no alerts! Chambers, Richard A. (LARC-B703)[RAYTHEON TECHNICAL SERVICES COMPANY]
Re: Upgrade from 2.5.8.1 to 2.8.6 and no alerts! Ryan Jordan
Re: snort 2.8.6 inline mode issues Will Metcalf
Re: Upgrade from 2.5.8.1 to 2.8.6 and no alerts! rmkml
Whats the correct way to migrate from v2.8.5.x to v2.8.6.x? Chan, Wilson
Re: Whats the correct way to migrate from v2.8.5.x to v2.8.6.x? Joel Esler
Re: Whats the correct way to migrate from v2.8.5.x to v2.8.6.x? Chan, Wilson
Re: Whats the correct way to migrate from v2.8.5.x to v2.8.6.x? Joel Esler
proper metadata use? Will Metcalf
Re: Whats the correct way to migrate from v2.8.5.x to v2.8.6.x? Joel Esler
Re: Whats the correct way to migrate from v2.8.5.x to v2.8.6.x? Joel Esler
Re: proper metadata use? JJ Cummings

Wednesday, 28 April

Re: snort 2.8.5.3 with react keyword not sending msg to browser RMS, Admin
Alternative to BASE Curt Shaffer
Snort 2.8.6 segfaults when starting Andy Berryman
Re: Snort 2.8.6 segfaults when starting Joel Esler
Re: Snort 2.8.6 segfaults when starting Russ Combs
Re: Snort 2.8.6 segfaults when starting Andy Berryman
Re: Alternative to BASE Kevin Johnson
Re: Alternative to BASE Stephen Mullins
Re: Alternative to BASE Dustin Webber
memory corruption in 2.8.6 Safwat Fahmy
Off Topic: Information Security research paper help Mike Ferguson
Re: Alternative to BASE Curt Shaffer
Re: Alternative to BASE Kevin Johnson
Re: Snort 2.8.6 segfaults when starting Seth Art
Re: Off Topic: Information Security research paper help Ryan Jordan
Re: Snort 2.8.6 segfaults when starting JJ Cummings
Re: memory corruption in 2.8.6 Russ Combs
Re: memory corruption in 2.8.6 Safwat Fahmy
Re: Snort 2.8.6 segfaults when starting Joel Esler
Re: memory corruption in 2.8.6 Russ Combs
Re: Off Topic: Information Security research paper help Ray Caparros
Disabled rules still triggering Willst Mail
Re: Off Topic: Information Security research paper help Eoin Miller
Re: [Emerging-Sigs] Off Topic: Information Security research paper help Paul Schmehl
Re: Alternative to BASE Jeff Kell
Re: Disabled rules still triggering Chan, Wilson
Re: Alternative to BASE Bamm Visscher
Re: Alternative to BASE Stephen Mullins
Re: memory corruption in 2.8.6 Safwat Fahmy
Problems with Snort, Barnyard2, BASE on SUSE 11 Michael Sloan
Re: Problems with Snort, Barnyard2, BASE on SUSE 11 Joel Esler
Re: memory corruption in 2.8.6 Russ Combs
Re: memory corruption in 2.8.6 Joel Esler
Re: memory corruption in 2.8.6 Safwat Fahmy
FW: memory corruption in 2.8.6 Safwat Fahmy
Problem capturing packets with IPv6 routing header scheffler
Re: FW: memory corruption in 2.8.6 Russ Combs
Re: Problem capturing packets with IPv6 routing header Joel Esler
Re: Problems with Snort, Barnyard2, BASE on SUSE 11 Nick Moore
Re: FW: memory corruption in 2.8.6 Safwat Fahmy
Re: Disabled rules still triggering Willst Mail
Re: Disabled rules still triggering Joel Esler
Re: proper metadata use? Will Metcalf

Thursday, 29 April

multiple typos on snort v2.8.6(.0) rmkml
Re: multiple typos on snort v2.8.6(.0) Russ Combs
Re: FW: memory corruption in 2.8.6 Russ Combs
Re: Disabled rules still triggering Willst Mail
Re: Problems with Snort, Barnyard2, BASE on SUSE 11 Michael Sloan
snort 2.8.5.3 with react keyword not sending rule msg to browser RMS, Admin
Re: Problem capturing packets with IPv6 routing header Ryan Jordan
Old bug - Could not remove pid file elof
Re: FW: memory corruption in 2.8.6 Billy Marshall
Re: Old bug - Could not remove pid file Russ Combs
Re: FW: memory corruption in 2.8.6 Safwat Fahmy
Re: Problems with Snort, Barnyard2, BASE on SUSE 11 Billy Marshall
ftp_pp: FTP malformed parameter Jason Wallace
Secure Connection to transfer logs. Garland, Ken R
Failed to load dynamic preprocessor david nardoni
Use of Host Attribute table, Frag3, and Stream 5 question Andy Berryman
Re: FW: memory corruption in 2.8.6 Safwat Fahmy
Re: Secure Connection to transfer logs. Randal T. Rioux
sd_pattern question Jason Wallace
Re: Secure Connection to transfer logs. Garland, Ken R
Re: Secure Connection to transfer logs. beenph
Re: Use of Host Attribute table, Frag3, and Stream 5 question Crook, Parker
Re: Use of Host Attribute table, Frag3, and Stream 5 question Andy Berryman
Re: Secure Connection to transfer logs. Randal T. Rioux
Re: Use of Host Attribute table, Frag3, and Stream 5 question Crook, Parker
snort_inline + barnyard2 + base Fábio Ferrão
Re: Secure Connection to transfer logs. firnsy
HP SIM for monitoring snort process Billy Marshall
Upgraded to 2.8.6 and external network addresses James R. Marcus
Sourcefire VRT Certified Snort Rules Update 2010-04-29 Research
Re: Upgraded to 2.8.6 and external network addresses Burks, Doug
Re: Upgraded to 2.8.6 and external network addresses James R. Marcus
Re: snort_inline + barnyard2 + base Joel Esler
Re: Upgraded to 2.8.6 and external network addresses Nick Moore
Re: Secure Connection to transfer logs. Joel Esler
Re: HP SIM for monitoring snort process Joel Esler
Re: Failed to load dynamic preprocessor Joel Esler
Re: HP SIM for monitoring snort process Joe Pampel
Running snort and barnyard with 3 sniffing interfaces ccie 6862
Re: Running snort and barnyard with 3 sniffing interfaces Eoin Miller
Re: Running snort and barnyard with 3 sniffing interfaces Joel Esler
EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17) Dragos Ruiu

Friday, 30 April

Snort on Windows starts but doesn't create any alerts Max Williams
Re: Snort on Windows starts but doesn't create any alerts Max Williams
Re: Snort on Windows starts but doesn't create any alerts Joel Esler
Re: Snort on Windows starts but doesn't create any alerts Max Williams
Re: Snort on Windows starts but doesn't create any alerts Nick Moore
FATAL ERROR: Failed to initialize dynamic preprocessor: SF_SDF version 1.1.1 ccie 6862
Re: FATAL ERROR: Failed to initialize dynamic preprocessor: SF_SDF version 1.1.1 Joel Esler
Re: ftp_pp: FTP malformed parameter Jason Wallace
Fw: FATAL ERROR: Failed to initialize dynamic preprocessor: SF_SDF version 1.1.1 ccie 6862
Re: ftp_pp: FTP malformed parameter Joel Esler
Re: Fw: FATAL ERROR: Failed to initialize dynamic preprocessor: SF_SDF version 1.1.1 Joel Esler
Re: ftp_pp: FTP malformed parameter Jason Wallace
Fw: Re: Fw: FATAL ERROR: Failed to initialize dynamic preprocessor: SF_SDF version 1.1.1 ccie 6862
Re: Fw: FATAL ERROR: Failed to initialize dynamic preprocessor: SF_SDF version 1.1.1 Ryan Jordan
Snort PCAP FRAMES Query Michael Sloan
Re: Snort PCAP FRAMES Query Seth Art
Using within after http_headers Mike Cox
Re: Using within after http_headers Joel Esler
Re: Using within after http_headers Will Metcalf
Re: Using within after http_headers Joel Esler
Re: Using within after http_headers Will Metcalf
Re: Using within after http_headers Joel Esler
snort-user's drinking game Crook, Parker
Re: snort-user's drinking game Jason Brvenik
Re: snort-user's drinking game Jeff Nathan

Monday, 03 May

scanning for emoticons in MSN messenger? Eric Zheng
Snort Deployment Kum Weng Luey
Re: Snort Deployment Joe Pampel
Bugreport - 60 second timeout before shutdown elof
Re: Snort Deployment Joel Esler
Re: scanning for emoticons in MSN messenger? Joel Esler
SDP gen-msg.map and doc's mismatch??? Jason Wallace
Re: Snort Deployment akos . daniel
Re: SDP gen-msg.map and doc's mismatch??? Ryan Jordan
Re: Using within after http_headers Alex Kirk
Re: Snort Deployment Joe Pampel
Re: Snort Deployment Joel Esler
Re: SDP gen-msg.map and doc's mismatch??? Ryan Jordan
Re: snort-user's drinking game Stephen Mullins
Re: snort-user's drinking game Joel Esler
Re: SDP gen-msg.map and doc's mismatch??? Jason Wallace
Re: snort-user's drinking game Stephen Mullins
Re: snort-user's drinking game Ray Caparros
Re: snort-user's drinking game Sandro guly Zaccarini
Re: snort-user's drinking game Joel Esler
Re: Snort Deployment Kum Weng Luey
Distro of choice BrainStomp Snort
Re: Distro of choice Luis Daniel Lucio Quiroz
Re: scanning for emoticons in MSN messenger? Eric Zheng

Tuesday, 04 May

Re: Distro of choice Joel Esler
Re: scanning for emoticons in MSN messenger? Joel Esler
Re: Distro of choice Nerijus Krukauskas
Re: Distro of choice Alex Kirk
Re: Snort on Windows starts but doesn't create any alerts Max Williams
Re: Distro of choice Jason Wallace
Re: Snort Deployment JJ Cummings
Re: Distro of choice JJ Cummings
Re: Distro of choice Nick Moore
Re: Distro of choice Paul Schmehl
Re: Distro of choice Joel Esler
Re: Distro of choice Galley, Daniel
Re: Distro of choice JJ Cummings
Snort 2.8.6 and gzip decoding functionality not working for me L0rd Ch0de1m0rt
Re: Snort 2.8.6 and gzip decoding functionality not working for me Matt Olney
Re: Snort 2.8.6 and gzip decoding functionality not working for me Matt Watchinski
Re: Snort 2.8.6 and gzip decoding functionality not working for me Bhagya Bantwal
Re: Snort 2.8.6 and gzip decoding functionality not working for me L0rd Ch0de1m0rt
Re: Snort 2.8.6 and gzip decoding functionality not working for me Matt Watchinski
Re: Snort on Windows starts but doesn't create any alerts Michael Green
Re: Distro of choice Bryan Irvine
Sourcefire VRT Certified Snort Rules Update 2010-05-04 Research
Win32: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Michael Steele
Re: Distro of choice Nigel Houghton

Wednesday, 05 May

Re: Sourcefire VRT Certified Snort Rules Update Kayvan Javid
Re: Sourcefire VRT Certified Snort Rules Update Nigel Houghton
Re: Distro of choice IT Security
Re: Sourcefire VRT Certified Snort Rules Update Joel Esler
Re: Distro of choice Sandro guly Zaccarini
Re: Distro of choice Nigel Houghton
unified2 output Curt Shaffer
Re: unified2 output Joel Esler
Re: unified2 output JJ Cummings
Re: unified2 output Curt Shaffer
How can i stop alerts that come from my own ip range? Pat McNamara
Re: How can i stop alerts that come from my own ip range? Matt Olney
Re: How can i stop alerts that come from my own ip range? Joel Esler
Re: How can i stop alerts that come from my own ip range? Stephen Mullins
Re: How can i stop alerts that come from my own ip range? Joel Esler
Re: How can i stop alerts that come from my own ip range? Rob Dixon
Re: How can i stop alerts that come from my own ip range? Pat McNamara
Re: How can i stop alerts that come from my own ip range? Joel Esler
Re: Snort on Windows starts but doesn't create any alerts Max Williams
Re: How can i stop alerts that come from my own ip range? Matt Olney
sfPortscan in the snort.conf Pat McNamara
Re: sfPortscan in the snort.conf Crook, Parker
Re: sfPortscan in the snort.conf Jason Wallace
Error: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Michael Steele
Win32 Users Survey Steven Sturges
Re: Snort 2.8.6 and gzip decoding functionality not working for me L0rd Ch0de1m0rt
Re: [Snort-devel] Win32 Users Survey Jun Wan
Re: Win32 Users Survey Rob Dixon
Maybe I'm missing something... Will Metcalf
Re: Win32: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Jun Wan
Re: [Snort-users] Win32 Users Survey Steven Sturges
Re: Maybe I'm missing something... beenph
Re: Maybe I'm missing something... Will Metcalf
Re: Maybe I'm missing something... beenph
Re: Maybe I'm missing something... Will Metcalf
Re: Win32: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Michael Steele
Re: Maybe I'm missing something... beenph
Re: [Snort-devel] Win32 Users Survey Michael Steele
Re: Maybe I'm missing something... Will Metcalf

Thursday, 06 May

Re: Win32: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Max Williams
Re: Bugreport - 60 second timeout before shutdown elof
Re: Bugreport - 60 second timeout before shutdown Jason Wallace
Re: Snort 2.8.6 and gzip decoding functionality not working for me Jason Wallace
Re: Snort 2.8.6 and gzip decoding functionality not working for me Matt Olney
Re: [Snort-users] Win32: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Michael Steele
Re: Bugreport - 60 second timeout before shutdown Steven Sturges
Re: [Snort-devel] Win32: failed to initialize dynamic preprocessor: sf_sdf (ipv6) Ryan Jordan
Re: How can i stop alerts that come from my own ip range? Paul Schmehl
Re: How can i stop alerts that come from my own ip range? Joe Pampel
Re: How can i stop alerts that come from my own ip range? Seth Art
Re: Distro of choice Luis Daniel Lucio Quiroz
Suricata RC1 Released! Matt Jonkman

Friday, 07 May

2.8.6 fatal error Alex Manchester
Re: 2.8.6 fatal error Jason Wallace
Re: How can i stop alerts that come from my own ip range? Paul Schmehl
Snort + Barnyard + alert file Fábio Ferrão
Snort With Base Access Without Delete IT Security
Snort 2.8.6 not loading sensitive data rules Andy Berryman
Re: Snort 2.8.6 not loading sensitive data rules Ryan Jordan
Re: Snort 2.8.6 not loading sensitive data rules Joel Esler
Autographed Book or Calendar Purple Bag
Re: Snort 2.8.6 not loading sensitive data rules Andy Berryman
Re: Snort 2.8.6 not loading sensitive data rules Ryan Jordan
Re: 2.8.6 fatal error Alex Manchester
Re: Autographed Book or Calendar purplebag
Re: [snort-sigs] Autographed Book or Calendar Nathan . Fowler
Re: Snort + Barnyard + alert file Vipul M Sawant

Saturday, 08 May

Confused Red Wookie

Sunday, 09 May

Re: Snort + Barnyard + alert file Russell Fulton

Monday, 10 May

http_inspect firing, despite no_alerts, suppression Erik
Re: http_inspect firing, despite no_alerts, suppression Joel Esler
Re: http_inspect firing, despite no_alerts, suppression Erik

Tuesday, 11 May

Snort with two sniffing interfaces Alejandro Cabrera Obed
Re: http_inspect firing, despite no_alerts, suppression Bhagya Bantwal
zlib and 2.8.6 problem on Ubuntu 8.04 John York
Re: zlib and 2.8.6 problem on Ubuntu 8.04 Ryan Jordan
Re: zlib and 2.8.6 problem on Ubuntu 8.04 Alex Manchester
Snort with two sniffing interfaces Alejandro Cabrera Obed
Re: Snort with two sniffing interfaces Max Williams
Re: zlib and 2.8.6 problem on Ubuntu 8.04 John York
Re: Snort with two sniffing interfaces Jason Wallace
Rule 486 Why is this server initiating ICMP traffic? James R. Marcus
Re: Rule 486 Why is this server initiating ICMP traffic? JJ Cummings
Re: Snort with two sniffing interfaces Seth Art
Re: Rule 486 Why is this server initiating ICMP traffic? James R. Marcus
Re: Snort with two sniffing interfaces Joel Esler
Re: Snort With Base Access Without Delete Galley, Daniel
Sourcefire VRT Certified Snort Rules Update 2010-05-11 Research
snort 2.8.6.0 inline (remote sensor) won't connect to mysqld Lawrence R. Hughes, Sr.
Daemonlogger won't run. Cannot find libdnet.1 Joe S
Re: snort 2.8.6.0 inline (remote sensor) won't connect to mysqld Will Metcalf
Re: snort 2.8.6.0 inline (remote sensor) won't connect to mysqld Joel Esler
Re: Daemonlogger won't run. Cannot find libdnet.1 Martin Roesch
snort 2.8.5.3 and PCAP_FRAMES Russell Fulton

Wednesday, 12 May

Snort 2.8.6 on Ubuntu 10.04 LTS Installation Guide David Gullett
NetBIOS sid 3218 - affected platforms? Willst Mail
Re: snort 2.8.5.3 and PCAP_FRAMES Joel Esler
Re: NetBIOS sid 3218 - affected platforms? Nigel Houghton
Re: NetBIOS sid 3218 - affected platforms? Nigel Houghton
Re: Daemonlogger won't run. Cannot find libdnet.1 Burks, Doug
VRT being offered to registered users? James Lay
Re: snort 2.8.5.3 and PCAP_FRAMES Russ Combs
Re: VRT being offered to registered users? Joel Esler
Re: Snort With Base Access Without Delete Jeff Kell
Re: I've just noticed that my linux snort is no longer using PCAP_FRAMES ??? Phil Wood
Re: snort 2.8.6.0 inline (remote sensor) won't connect to mysqld Paul Schmehl
Snrot 2.8.6 HTTP_Inspect fatal error? Andy Berryman
Re: Snrot 2.8.6 HTTP_Inspect fatal error? Andy Berryman
Snort 2.8.6.0 rules available to registered and subscribers for 30 days Joel Esler
Re: VRT being offered to registered users? Joel Esler
Re: Daemonlogger won't run. Cannot find libdnet.1 Joe S
Mainframe FTP Failed Logins paul stark
Re: Mainframe FTP Failed Logins evilghost () packetmail net
Re: Mainframe FTP Failed Logins Seth Art
Snort 2.8.6 Caught term signal? Andy Berryman
Re: Snort 2.8.6 Caught term signal? Edward Bjarte Fjellskål
mods to sid:15477 makes it so it can be trivially bypassed? Will Metcalf
sid:2278 will never fire with 2.8.6 Will Metcalf

Thursday, 13 May

Re: Mainframe FTP Failed Logins paul stark
Re: Snort 2.8.6 Caught term signal? Andy Berryman
Re: [Snort-sigs] Snort 2.8.6.0 rules available to registered and subscribers for 30 days Seth Art
Re: [Snort-sigs] Snort 2.8.6.0 rules available to registered and subscribers for 30 days Joel Esler
Re: [Snort-sigs] Snort 2.8.6.0 rules available to registered and subscribers for 30 days Seth Art
Re: [Snort-sigs] Snort 2.8.6.0 rules available to registered and subscribers for 30 days Mike Ferguson
Re: [Snort-sigs] Snort 2.8.6.0 rules available to registered and subscribers for 30 days Joel Esler
Re: Snort 2.8.6.0 rules available to registered and subscribers for 30 days L0rd Ch0de1m0rt
Re: [Snort-sigs] Snort 2.8.6.0 rules available to registered and subscribers for 30 days Joel Esler
Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Seth Art
Re: Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Ryan Jordan
Re: Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Ryan Jordan
Google Captcha Signature Gregory Zill
Sourcefire VRT Certified Snort Rules Update 2010-05-13 Research

Friday, 14 May

Re: Snort 2.8.6 and gzip decoding functionality not working for me Nerijus Krukauskas
VPN Users Bill Pickens
Re: Snort with two sniffing interfaces Alejandro Cabrera Obed
Re: VPN Users Stephen Mullins
Fwd: Inconsistencies with ruletype definition in >= Snort 2.8.5.3 Yun Zheng Hu

Saturday, 15 May

Re: VPN Users Jason Haar

Monday, 17 May

Sid 6251 misspelling Lee Clemens
Next OISF Brainstorming Meeting Announced! Matt Jonkman
Re: snort 2.8.5.3 and PCAP_FRAMES Russell Fulton

Tuesday, 18 May

Rules for version 2.7.0 Rodney Green
Re: Rules for version 2.7.0 Joel Esler
Re: Rules for version 2.7.0 Rodney Green
Re: Snort with two sniffing interfaces Andy Berryman
Re: Snort with two sniffing interfaces Crook, Parker
Re: Snort with two sniffing interfaces Alejandro Cabrera Obed
Another question about the inspect_gzip option in Snort 2.8.6 L0rd Ch0de1m0rt
Re: Another question about the inspect_gzip option in Snort 2.8.6 Bhagya Bantwal
Re: Another question about the inspect_gzip option in Snort 2.8.6 L0rd Ch0de1m0rt
Re: Another question about the inspect_gzip option in Snort 2.8.6 Bhagya Bantwal
When to update gen-msg.map, reference.config, classification.conf, unicode.map? Andy Berryman
Re: When to update gen-msg.map, reference.config, classification.conf, unicode.map? Joel Esler
Re: When to update gen-msg.map, reference.config, classification.conf, unicode.map? JJ Cummings
Sourcefire VRT Certified Snort Rules Update 2010-05-18 Research

Wednesday, 19 May

Re: Sid 6251 misspelling Alex Kirk
Sourcefire VRT Certified Snort Rules Update 2010-05-19 Research
Using suppress and syntax Bill Pickens
Re: Using suppress and syntax Jefferson, Shawn
SF: Someone please update the gen-msg.map in rules tarball Russell Fulton
Re: Using suppress and syntax Jason Wallace
Re: SF: Someone please update the gen-msg.map in rules tarball Nigel Houghton
Re: SF: Someone please update the gen-msg.map in rules tarball Russell Fulton
Re: Using suppress and syntax Bill Pickens
[HITB-Announce] HITBSecConf2010 - Malaysia Call for Papers Hafez Kamal
[HITB-Announce] HITBSecConf2010 - Malaysia Call for Papers Hafez Kamal
Identifying Non-SSL traffic on port 443 Ray Van Dolson
Re: Identifying Non-SSL traffic on port 443 Ray Van Dolson
snort crash in TcpSessionCleanup Prithvi Telang

Thursday, 20 May

Re: Snort with two sniffing interfaces Edward Bjarte Fjellskål
Pipelining and flowpinning Jonathan Saint-Léger
Re: snort crash in TcpSessionCleanup Todd Wease
Re: snort crash in TcpSessionCleanup Prithvi Telang
Re: snort crash in TcpSessionCleanup Todd Wease
Understanding protocol mismatch James Lay
Snort with low mem Parag Pote
Re: SF: Someone please update the gen-msg.map in rules tarball Nigel Houghton
Re: Snort with low mem Joel Esler
Re: Snort with two sniffing interfaces Joel Esler
Re: Using suppress and syntax Joel Esler
Re: Snort with low mem Jefferson, Shawn
Suppress versus #Rule for performance. Bill Pickens
Re: Suppress versus #Rule for performance. Joel Esler
Re: Suppress versus #Rule for performance. Jefferson, Shawn
Re: Suppress versus #Rule for performance. Joel Esler
Re: Suppress versus #Rule for performance. JJ Cummings
Re: Suppress versus #Rule for performance. Ray Caparros
Re: SF: Someone please update the gen-msg.map in rules tarball Russell Fulton
Re: SF: Someone please update the gen-msg.map in rules tarball Nigel Houghton
Re: Suppress versus #Rule for performance. Jason Wallace

Friday, 21 May

ssn_groups_Jan10.csv snort 2.8.6.0 missing file? Lawrence R. Hughes, Sr.
Re: ssn_groups_Jan10.csv snort 2.8.6.0 missing file? JJC

Sunday, 23 May

still can't get 2.8.6 rules? Jason Haar
Re: still can't get 2.8.6 rules? Nigel Houghton
Re: still can't get 2.8.6 rules? Jason Haar
Re: still can't get 2.8.6 rules? Nigel Houghton

Monday, 24 May

Re: Pipelining and flowpinning Martin Roesch
ppm Randal T. RIoux

Tuesday, 25 May

Re: ppm Russ Combs
so_rules for solaris? Luis
Re: so_rules for solaris? Nigel Houghton
Re: still can't get 2.8.6 rules? Will Metcalf
Re: still can't get 2.8.6 rules? Joel Esler
Re: still can't get 2.8.6 rules? Will Metcalf
Re: so_rules for solaris? Luis
ssn_groups_Jan10.csv link to download or file format snort 2.8.6.0 Lawrence R. Hughes, Sr.
Re: ssn_groups_Jan10.csv link to download or file format snort 2.8.6.0 IT Security
Re: ssn_groups_Jan10.csv link to download or file format snort 2.8.6.0 Ryan Jordan
Re: still can't get 2.8.6 rules? Joel Esler
[MailServer Notification]Attachment Blocking Notification support
Sourcefire VRT Certified Snort Rules Update 2010-05-25 Research

Wednesday, 26 May

snortUnixDomainSocket.py Arn Vollebregt
Suricata 0.9.1 RC2 Available! Matt Jonkman
Reminder to update PulledPork and Oinkmaster downloads Joel Esler
Re: snort crash in TcpSessionCleanup Prithvi Telang

Thursday, 27 May

EUSecWest 2010 MiniCFP (conf Jun 16/17) and PacSec 2010 CFP (conf Nov 10/11, deadline July 30) Dragos Ruiu
Crusoe Researches offer new rules for detecting last Ftpd Opie attack rmkml
snort not generating lots of alerts Pedro Marinho
Oinkmaster update failed Tim Cline
Re: Oinkmaster update failed JJC
Re: Oinkmaster update failed Joel Esler
snort output database bind address? Lawrence R. Hughes, Sr.
bug - "2.8.6" should be "2.8.6.0" Jason Haar
Re: snort output database bind address? Joel Esler

Friday, 28 May

Re: Suppress versus #Rule for performance. JJC
Re: Suppress versus #Rule for performance. Joel Esler
Problem Snort + ACID Jaime Peña Vidal
Re: Problem Snort + ACID Nick Moore
Re: Problem Snort + ACID Joel Esler
Re: Problem Snort + ACID Jaime Peña Vidal
Re: Problem Snort + ACID Jaime Peña Vidal
Re: Problem Snort + ACID Joel Esler
Re: Problem Snort + ACID Jaime Peña Vidal

Saturday, 29 May

Re: snort not generating lots of alerts firewalZ

Sunday, 30 May

Stream5 reassembly Parag Pote

Monday, 31 May

Re: Stream5 reassembly Patrick Billings
Re: Stream5 reassembly Parag Pote
Re: Stream5 reassembly Joel Esler
Re: Stream5 reassembly Parag Pote
[RFC] Packet Header Anomaly Detection (PHAD) preprocessor Bernhard Guillon
Re: Stream5 reassembly Joel Esler
Problem Snort + Base Jaime Peña Vidal
Re: Problem Snort + Base olli hauer

Tuesday, 01 June

Re: Stream5 reassembly Parag Pote
Re: Stream5 reassembly Patrick Billings
Re: Stream5 reassembly Joel Esler
Re: Snort-users Digest, Vol 48, Issue 45 Pedro Marinho
snort 2.8.6.0 core on solaris Luis

Wednesday, 02 June

book for Snort Jun Wan
Re: book for Snort Michael Steele
Re: book for Snort Joel Esler
Re: book for Snort Joe Pampel
Re: book for Snort Matt Olney
OISF Brainstorming Meeting Filling up Fast! Matt Jonkman
SSLv2 alerts Chong Lee Poh

Thursday, 03 June

Re: book for Snort Jun Wan
Snortsp 3.0 manual or info Martin Spinassi
Re: Snortsp 3.0 manual or info Joel Esler
snort 2.8.6.0 inline blocking all traffic, but not reporting Lawrence R. Hughes, Sr.
Re: snort 2.8.6.0 inline blocking all traffic, but not reporting Joel Esler
Re: Snortsp 3.0 manual or info Martin Spinassi
Re: Snortsp 3.0 manual or info Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-06-03 Research
wrong ELF class with /usr/lib64/snort-2.8.6_dynamicengine/libsf_engine.so Andy Madsen
Re: Snortsp 3.0 manual or info Martin Spinassi
preprocessor sensitive_data (snort 2.8.6.0) Lawrence R. Hughes, Sr.

Friday, 04 June

Re: preprocessor sensitive_data (snort 2.8.6.0) Joel Esler
Re: preprocessor sensitive_data (snort 2.8.6.0) Jason Wallace
Re: preprocessor sensitive_data (snort 2.8.6.0) Ryan Jordan
Re: preprocessor sensitive_data (snort 2.8.6.0) Ryan Jordan
Re: preprocessor sensitive_data (snort 2.8.6.0) Ryan Jordan
Re: preprocessor sensitive_data (snort 2.8.6.0) Ryan Jordan
Re: preprocessor sensitive_data (snort 2.8.6.0) Ryan Jordan
config profile_rules Pedro Marinho
Re: config profile_rules Joel Esler
Re: config profile_rules Pedro Marinho
Re: config profile_rules Jefferson, Shawn
Re: config profile_rules Joel Esler
Snort 2.8.6 generatin invalid ip options in events? Andy Berryman
Re: Snort 2.8.6 generatin invalid ip options in events? Joel Esler
false positive rules in snort 2.8.6.0 Lawrence R. Hughes, Sr.
Re: false positive rules in snort 2.8.6.0 Joel Esler
Re: preprocessor sensitive_data (snort 2.8.6.0) Safwat Fahmy
Re: [Snort-users] Snort 2.8.6 generatin invalid ip options in events? Bruce A. Sanders
Re: false positive rules in snort 2.8.6.0 Will Metcalf
Re: false positive rules in snort 2.8.6.0 Joel Esler
Re: false positive rules in snort 2.8.6.0 Safwat Fahmy
Re: false positive rules in snort 2.8.6.0 JJC
Re: false positive rules in snort 2.8.6.0 Will Metcalf

Saturday, 05 June

Sourcefire VRT Certified Snort Rules Update 2010-06-05 Research

Sunday, 06 June

Daemonlogger and BPF Randal T. RIoux
Re: Daemonlogger and BPF Jason Brvenik
Re: Daemonlogger and BPF Martin Roesch
Re: Daemonlogger and BPF Randal T. RIoux

Monday, 07 June

Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 infosec posts
Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 Nigel Houghton
Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 infosec posts
Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 Nigel Houghton
Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 L0rd Ch0de1m0rt
(SPSA) Snorby Preconfigured Security Applications new release. phillip bailey

Tuesday, 08 June

Rule updates failing James Lay
Re: Rule updates failing Nigel Houghton
Snort rules help Pat McNamara
Re: Snort rules help Joel Esler
Re: Snort rules help Joel Esler
event_filter Beatriz Duran
[Snort : IPS Mode] Anas.B
Re: [Snort : IPS Mode] Will Metcalf
Re: [Snort : IPS Mode] Joel Esler
Re: [Snort : IPS Mode] Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-06-08 Research

Wednesday, 09 June

Stream5 - UDP Parag Pote
Re: Snort with low mem Parag Pote
Re: Stream5 - UDP Matt Olney
ERROR: Rules with SDF options cannot have other detection options in the same rule Michael Steele
snort 2.8.6.0 & barnyard2-1.8 problems Lawrence R. Hughes, Sr.
Re: snort 2.8.6.0 & barnyard2-1.8 problems JJC
Re: snort 2.8.6.0 & barnyard2-1.8 problems JJC
2010 Snort Scholarship Winners Mike Guiterman
Re: snort 2.8.6.0 & barnyard2-1.8 problems Eoin Miller
Snort not inspecting all traffic sourcing from itself? L0rd Ch0de1m0rt
Re: Snort not inspecting all traffic sourcing from itself? Joel Esler

Thursday, 10 June

Re: Snort not inspecting all traffic sourcing from itself? L0rd Ch0de1m0rt
No need for content modifier 'within' L0rd Ch0de1m0rt
Re: No need for content modifier 'within' Joel Esler
Re: No need for content modifier 'within' L0rd Ch0de1m0rt
Re: No need for content modifier 'within' Joel Esler
Re: No need for content modifier 'within' L0rd Ch0de1m0rt
Re: No need for content modifier 'within' Matt Olney
Re: No need for content modifier 'within' Crook, Parker
Re: No need for content modifier 'within' Crook, Parker
Sourcefire VRT Certified Snort Rules Update 2010-06-10 Research
BASE1.4.4 is not working properly Jun Wan
Re: BASE1.4.4 is not working properly Kevin Johnson

Friday, 11 June

Re: BASE1.4.4 is not working properly olli hauer
Re: Snort with low mem Todd Wease
Re: BASE1.4.4 is not working properly Kevin Johnson
FW: No need for content modifier 'within' Crook, Parker
Re: FW: No need for content modifier 'within' Sandro guly Zaccarini

Sunday, 13 June

tcp syn flood attack black_angel black_angel

Monday, 14 June

Re: tcp syn flood attack Russ Combs
Re: tcp syn flood attack Luis Daniel Lucio Quiroz
Re: tcp syn flood attack Russ Combs
Bad segment question James Lay
Re: Bad segment question Russ Combs
Sourcefire VRT Certified Snort Rules Update 2010-06-14 Research
Re: tcp syn flood attack Luis Daniel Lucio Quiroz
Re: tcp syn flood attack Russ Combs
Re: tcp syn flood attack Luis Daniel Lucio Quiroz
Re: tcp syn flood attack Russ Combs
using Snort to audit the firewall Cristian Grigoriu
Re: using Snort to audit the firewall Luis Daniel Lucio Quiroz
Mike Poor/Judy Novak blog Alex Tatistcheff
Re: Mike Poor/Judy Novak blog Matt Olney
Re: BASE1.4.4 is not working properly Jun Wan

Tuesday, 15 June

Functional Rule-chain? Crook, Parker
Re: Functional Rule-chain? Joel Esler
rules in snort inline black_angel black_angel
Re: rules in snort inline JJC
Re: rules in snort inline Nigel Houghton
Re: rules in snort inline Joel Esler
Re: rules in snort inline Burks, Doug
Re: rules in snort inline Crook, Parker
Re: rules in snort inline Tomas Heredia
Re: rules in snort inline Burks, Doug
Seeing "Caught Alrm-Signal" hourly. Any advice why? Andy Berryman
Re: rules in snort inline Paul Schmehl
Snort monitored by xymon or big brother Bruce Ferrell
Re: Snort monitored by xymon or big brother Will Metcalf

Wednesday, 16 June

Unified2 logs empty when using Snort-2.8.6 Kum Weng Luey
IDS and HoneyPot placement in LAN Quentin Ducas
Re: IDS and HoneyPot placement in LAN Matt Olney
Re: IDS and HoneyPot placement in LAN Joe Pampel
Re: Unified2 logs empty when using Snort-2.8.6 Joel Esler
BASE project lead Kevin Johnson
Re: BASE project lead Alan Ptak
snort rules Nayan Jyoti Das

Thursday, 17 June

duplicate rules (16412 and 16413) ? Nerijus Krukauskas
Re: duplicate rules (16412 and 16413) ? Nerijus Krukauskas
Re: snort rules Joel Esler
Re: duplicate rules (16412 and 16413) ? Rodrigo Montoro(Sp0oKeR)
Re: snort rules Phillip Bailey
Sourcefire VRT Certified Snort Rules Update 2010-06-17 Research
Snort Report 2.0 Beta Released David Gullett
Re: Snort Report 2.0 Beta Released Randal T. Rioux
snort arp spoof Nayan Jyoti Das

Friday, 18 June

Re: Snort Report 2.0 Beta Released David Gullett
Suricata 0.9.2 RC3 Released Matt Jonkman
Re: [Snort-devel] Suricata 0.9.2 RC3 Released Matt Jonkman
sid:2318 invalid pcre match? Will Metcalf
Re: sid:2318 invalid pcre match? Crook, Parker
Re: sid:2318 invalid pcre match? Alex Kirk
Re: sid:2318 invalid pcre match? Will Metcalf
Re: sid:2318 invalid pcre match? Will Metcalf
Re: Suricata 0.9.2 RC3 Released Randal T. Rioux
Re: Suricata 0.9.2 RC3 Released Matt Jonkman
Re: Suricata 0.9.2 RC3 Released Mark W. Jeanmougin
Re: Suricata 0.9.2 RC3 Released Randal T. Rioux

Saturday, 19 June

Problem downloading latest rules Kum Weng Luey

Sunday, 20 June

Re: Problem downloading latest rules Joel Esler
Re: Problem downloading latest rules Kw Luey

Monday, 21 June

Default Rules Clue Store
Re: Default Rules Alex Kirk
Re: Default Rules Clue Store
Re: Default Rules Joe Pampel
Re: Default Rules Clue Store
Re: (no subject) Steven Sturges
snort warnings and such kalin m

Tuesday, 22 June

upgrade problems 2.5.2 to 2.8.6 aanderson
Re: upgrade problems 2.5.2 to 2.8.6 JJ Cummings
Re: upgrade problems 2.5.2 to 2.8.6 Joel Esler
Re: upgrade problems 2.5.2 to 2.8.6 Crook, Parker
Re: upgrade problems 2.5.2 to 2.8.6 Matt Olney
Re: upgrade problems 2.5.2 to 2.8.6 aanderson
Re: upgrade problems 2.5.2 to 2.8.6 Crook, Parker
Re: upgrade problems 2.5.2 to 2.8.6 Joel Esler
Useful logging of performance statistics Crook, Parker
Re: upgrade problems 2.5.2 to 2.8.6 aanderson
Re: Useful logging of performance statistics Jason Wallace
Re: Useful logging of performance statistics Crook, Parker
Sourcefire VRT Certified Snort Rules Update 2010-06-22 Research
Re: Useful logging of performance statistics Jason Wallace

Wednesday, 23 June

Re: Useful logging of performance statistics Crook, Parker
Having problem with Barnyard Nick Moore
Re: Having problem with Barnyard JJC
Re: Having problem with Barnyard Nick Moore
Re: Having problem with Barnyard JJC
Re: Having problem with Barnyard Nick Moore
Help Ninad Purohit

Thursday, 24 June

Re: Having problem with Barnyard firnsy
Re: Having problem with Barnyard firnsy
Re: Useful logging of performance statistics Crook, Parker
invalid use of byte_test on sid:16603 Will Metcalf
Re: invalid use of byte_test on sid:16603 Will Metcalf
Re: invalid use of byte_test on sid:16603 Russ Combs
Sending Alerts out a TCP/IP Port Willie Peloquin

Friday, 25 June

snortid.com Javier Romero
Re: snortid.com Nigel Houghton
Re: snortid.com CleBeer
Sagan 0.1.0 released [Snort like log analysis engine] Champ Clark III [Softwink]

Sunday, 27 June

Automatic Snort Ruleset Updates through Scripting David Gullett
Re: Automatic Snort Ruleset Updates through Scripting JJ Cummings
Re: Automatic Snort Ruleset Updates through Scripting Randal T. Rioux

Monday, 28 June

Re: Automatic Snort Ruleset Updates through Scripting Nigel Houghton
Barnyward not running properly Kun, Mike
Re: Barnyward not running properly JJC
Re: Automatic Snort Ruleset Updates through Scripting Randal T. Rioux
Re: Automatic Snort Ruleset Updates through Scripting Nigel Houghton
Update your oinkmaster/pulled_pork conf files Mike Guiterman

Tuesday, 29 June

Oinkmaster update excitement James Lay
the priority of the alarm in the BASES I I
rule download problem John York
Re: Oinkmaster update excitement Nerijus Krukauskas
Re: [Snort-sigs] Update your oinkmaster/pulled_pork conf files infosec posts
Re: Oinkmaster update excitement Joel Esler
Re: [Snort-sigs] Update your oinkmaster/pulled_pork conf files Joel Esler
Re: rule download problem JJC
Re: [Snort-sigs] Update your oinkmaster/pulled_porkconf files Joel Esler
Re: Update your oinkmaster/pulled_pork conf files L0rd Ch0de1m0rt
Re: [Snort-users] Update your oinkmaster/pulled_porkconf files Weir, Jason
Re: rule download problem Crook, Parker
Re: rule download problem JJC
Re: rule download problem Crook, Parker
Re: [Snort-sigs] Update your oinkmaster/pulled_porkconf files Joel Esler
BASE and Snort FQDN Resolution Question IT Security
Sourcefire VRT Certified Snort Rules Update 2010-06-29 Research
pulledpork v0.4.2 is outed, get it while it's hawt! JJC

Wednesday, 30 June

Re: [Snort-users] Update your oinkmaster/pulled_porkconf files Weir, Jason
Re: [Snort-sigs] Update your oinkmaster/pulled_porkconf files Joel Esler
Re: [Snort-sigs] Update your oinkmaster/pulled_porkconf files Mike Guiterman
Re: [Snort-users] Update your oinkmaster/pulled_porkconf files dokas
Re: [Snort-users] Update your oinkmaster/pulled_porkconf files Fred Austin
Re: [Snort-users] Update your oinkmaster/pulled_porkconf files Todd Adamson
Re: [Snort-sigs] Update your oinkmaster/pulled_porkconf files Joel Esler
Re: [Snort-sigs] Update your oinkmaster/pulled_porkconf files infosec posts
Re: [Snort-users] Update your oinkmaster/pulled_porkconf files Fred Austin
Re: Update your oinkmaster/pulled_porkconf files Weir, Jason
Re: Update your oinkmaster/pulled_porkconf files Joel Esler
Re: Sagan 0.1.0 released [Snort like log analysis engine] CunningPike
Recent Rule Changes Joel Esler
Re: rule download problem Jefferson, Shawn
Re: rule download problem Joel Esler
Re: rule download problem Jefferson, Shawn
Re: rule download problem Joel Esler
Re: rule download problem Jefferson, Shawn
Re: rule download problem Joel Esler
Re: Recent Rule Changes Randal T. Rioux
Re: Recent [unilateral, unannounced] Rule Changes JP Vossen

Previous period

Next period