Snort mailing list archives
sid-msg.map incomplete again
From: "Lawrence R. Hughes, Sr." <lhughes () safemedia com>
Date: Tue, 25 Jan 2011 11:32:08 -0500
Hi, How come VRT continues to release new rules, but does not update the sid-msg.map file? Just downloaded the latest VRT rules with 4 new rules and the following sids were missing from the sid-msg.map file for these rules: 18206 || NETBIOS Windows Address Book wab32res.dll malicious DLL load 18209 || NETBIOS Windows 7 Home peerdist.dll dll-load exploit attempt 18211 || NETBIOS Microsoft Movie Maker hhctrl.ocx dll-load exploit attempt 18278 || NETBIOS Vista Backup Tool fveapi.dll dll-load exploit attempt We added the above by hand... Thanks, Larry
------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- sid-msg.map incomplete again Lawrence R. Hughes, Sr. (Jan 25)
- Re: sid-msg.map incomplete again Nigel Houghton (Jan 25)
- Re: sid-msg.map incomplete again Lawrence R. Hughes, Sr. (Jan 25)
- Re: sid-msg.map incomplete again Nigel Houghton (Jan 25)
- Re: sid-msg.map incomplete again Champ Clark III [Softwink] (Jan 25)
- Re: sid-msg.map incomplete again Paul Halliday (Jan 25)
- Re: sid-msg.map incomplete again waldo kitty (Jan 25)
- Re: sid-msg.map incomplete again Nigel Houghton (Jan 25)
- Re: sid-msg.map incomplete again Lawrence R. Hughes, Sr. (Jan 25)
- Re: sid-msg.map incomplete again Nigel Houghton (Jan 25)