Snort: by date
RSS Feed
About List
All Lists
Previous period
829 messages
starting Apr 01 11 and
ending Jun 30 11
Date index |
Thread index |
Author index
Friday, 01 April
coughing up water on FP and notifications Crusty Saint
Re: coughing up water on FP and notifications Nigel Houghton
Re: Enc: Problems to start snort 2.9 Ivani A. Nascimento
More problems with pulledpork 0.6.0 carlopmart
Re: More problems with pulledpork 0.6.0 JJC
Re: More problems with pulledpork 0.6.0 carlopmart
Re: More problems with pulledpork 0.6.0 JJC
Re: More problems with pulledpork 0.6.0 carlopmart
Re: More problems with pulledpork 0.6.0 JJC
Re: More problems with pulledpork 0.6.0 carlopmart
Re: More problems with pulledpork 0.6.0 JJC
Re: More problems with pulledpork 0.6.0 JJC
Re: More problems with pulledpork 0.6.0 carlopmart
Re: More problems with pulledpork 0.6.0 JJC
Re: More problems with pulledpork 0.6.0 carlopmart
Re: Enc: Problems to start snort 2.9 Ivani A. Nascimento
Re: does snort pick up lthe izamoon attack? Alex Kirk
Re: rules management tools Martin Holste
About using reject in pulledpork carlopmart
Saturday, 02 April
Re: barnyard patches? http://colin.grady.us/ offline ? Agustin Roca
Re: Snort-users Digest, Vol 58, Issue 73 Randal T. Rioux
Re: Snort-users Digest, Vol 58, Issue 73 Martin Holste
Monday, 04 April
Dynamic Preprocessor Example doesn't log in Database Thomas LESTRIEZ
Re: Dynamic Preprocessor Example doesn't log in Database Thomas LESTRIEZ
[HITB-Announce] HITBSecConf2011 - Malaysia Call for Papers Now Open Hafez Kamal
[HITB-Announce] HITBSecConf2011 - Malaysia Call for Papers Now Open Hafez Kamal
Snort 2.9.04 not Alert on Inet interface childrenofchaos
Snort, Barnyard and Base FreeBSD Atkins, Dwane P
Re: Snort, Barnyard and Base FreeBSD Paul Schmehl
Re: About using reject in pulledpork carlopmart
Re: About using reject in pulledpork JJC
Re: Voip attack Chong Lee Poh
Tuesday, 05 April
Poor bandwidth using snort 2.9.0.4 in afpacket mode carlopmart
Re: Dynamic Preprocessor Example doesn't log in Database Thomas LESTRIEZ
using snort for an IDS/IPS appliance d a
using snort for an IDS/IPS appliance d a
Re: using snort for an IDS/IPS appliance matan monitz
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode Nigel Houghton
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode carlopmart
Re: using snort for an IDS/IPS appliance d a
Re: using snort for an IDS/IPS appliance Nigel Houghton
disabling rule groups based on host groups/subnets Youngquist, Jason R.
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode Nigel Houghton
Re: disabling rule groups based on host groups/subnets Joel Esler
Re: disabling rule groups based on host groups/subnets Edward Fjellskål
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode carlopmart
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode Russ Combs
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode carlopmart
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode Russ Combs
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode carlopmart
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode Russ Combs
Re: Poor bandwidth using snort 2.9.0.4 in afpacket mode carlopmart
Re: Enc: Problems to start snort 2.9 Ivani A. Nascimento
Wednesday, 06 April
Re: using snort for an IDS/IPS appliance d a
strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart
Re: Dynamic Preprocessor Example doesn't log in Database Nick Moore
First 2011 Snort Webcast Registration is Open! Joel Esler
Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart
Re: strem5 session hijacked produce a lot of alerts with lb firewalls Joel Esler
Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart
Re: strem5 session hijacked produce a lot of alerts with lb firewalls Joel Esler
Re: strem5 session hijacked produce a lot of alerts with lb firewalls carlopmart
Sourcefire VRT Certified Snort Rules Update 2011-04-06 Research
2.9.0.5 is available for download! Joel Esler
Snort 2.9.0.5 Now Available Snort Releases
Snort 2.9.0.5 Now Available Snort Releases
Re: First 2011 Snort Webcast Registration is Open! Lee Fisher
Re: First 2011 Snort Webcast Registration is Open! Joel Esler
Re: First 2011 Snort Webcast Registration is Open! Nigel Houghton
Re: Snort 2.9.0.5 Now Available Jefferson, Shawn
Gbps Network Taps Michael Lubinski
Re: Gbps Network Taps Ray Caparros
Thursday, 07 April
Dynamic Preprocessor Example doesn't log in Database Thomas LESTRIEZ
Re: Gbps Network Taps Joe Pampel
Problems running 32 bit snort on a 64 bit linux kernel Sudarshan Raghavan
Re: Gbps Network Taps Mark W. Jeanmougin
Re: Gbps Network Taps Daniel Shepherd
Re: Homebrew Snort Reactive/Unified2 output Korodev
Re: Problems running 32 bit snort on a 64 bit linux kernel Russ Combs
Re: Homebrew Snort Reactive/Unified2 output beenph
Re: Homebrew Snort Reactive/Unified2 output JJC
Re: Problems running 32 bit snort on a 64 bit linux kernel Sudarshan Raghavan
Re: Problems running 32 bit snort on a 64 bit linux kernel Russ Combs
Re: Homebrew Snort Reactive/Unified2 output Korodev
Question on SID 18358 Lay, James
Re: First 2011 Snort Webcast Registration is Open! Randal T. Rioux
Friday, 08 April
RPC Portmap Request Mohd Mukrim Che Mohamad Zulkifly
Re: Dynamic Preprocessor Example doesn't log in Database Thomas LESTRIEZ
Inputs about polman for managing rules carlopmart
updated RHEL5/6 packages for Snort 2.9.0.5 Now Available vincent
Re: First 2011 Snort Webcast Registration is Open! Nigel Houghton
Re: Inputs about polman for managing rules Edward Fjellskål
Re: Question on SID 18358 Matt Olney
FP on 18604 Lay, James
Re: RPC Portmap Request Joel Esler
Re: Inputs about polman for managing rules Martin Holste
Re: Question on SID 18358 Lay, James
Help with noisy alerts for known application Geoff Sweet
Re: Help with noisy alerts for known application Daniel Shepherd
Re: Help with noisy alerts for known application Joel Esler
Re: Question on SID 18358 Joel Esler
Re: snort 2.9.0.4 won't daemonize, OpenBSD 4.7 Olaf Schreck
Re: snort 2.9.0.4 won't daemonize, OpenBSD 4.7 Joel Esler
PP not ignoring ICMP Agus
Re: PP not ignoring ICMP JJC
Re: PP not ignoring ICMP JJC
Re: PP not ignoring ICMP Agus
Re: PP not ignoring ICMP JJC
Re: PP not ignoring ICMP Agus
Re: using snort for 10Gbps traffic rate d a
Re: using snort for 10Gbps traffic rate Martin Holste
Snort Rules against Snort Version... Updates... Agus
Saturday, 09 April
Re: Snort Rules against Snort Version... Updates... Joel Esler
Sunday, 10 April
Re: Help with noisy alerts for known application Geoff Sweet
Re: RPC Portmap Request Mohd Mukrim Che Mohamad Zulkifly
Re: Help with noisy alerts for known application Daniel Shepherd
Monday, 11 April
Re: RPC Portmap Request Joel Esler
[SNORT-devel] Snort with anomaly detection Nguyen Kien
Re: Help with noisy alerts for known application Jason Wallace
Rapid7 and Snort....Good Things from this I think Gibson, Nathan J. (HSC)
Re: [PATCHES] Fixes for daq_nfq Russ Combs
Re: Rapid7 and Snort....Good Things from this I think Michael Lubinski
Re: Rapid7 and Snort....Good Things from this I think Jefferson, Shawn
Re: Rapid7 and Snort....Good Things from this I think Albert R. Campa
Re: Rapid7 and Snort....Good Things from this I think Ray Caparros
Re: Rapid7 and Snort....Good Things from this I think Martin Holste
Re: Rapid7 and Snort....Good Things from this I think Chris Jacob
Re: [SNORT-devel] Snort with anomaly detection Martin Holste
Re: Rapid7 and Snort....Good Things from this I think Jason Wallace
Re: Rapid7 and Snort....Good Things from this I think Joel Esler
Re: Rapid7 and Snort....Good Things from this I think Jason Brvenik
Re: Rapid7 and Snort....Good Things from this I think Joel Esler
Re: Rapid7 and Snort....Good Things from this I think Alan Ptak
Snort VM monitoring other VMs (virtual environment) turki
Re: Snort VM monitoring other VMs (virtual environment) Jason Wallace
Re: Snort VM monitoring other VMs (virtual environment) turki
Re: Snort VM monitoring other VMs (virtual environment) Mike Lococo
False positive? Jefferson, Shawn
Re: False positive? Joel Esler
Re: Rapid7 and Snort....Good Things from this I think James Lay
Flags keyword still doesn't treat rserved bits as ECE and CWR Joshua.Kinard
Re: Flags keyword still doesn't treat rserved bits as ECE and CWR Joel Esler
Re: False positive? Shirk Dog
New Question for SID 17294 and SID 17407 Mohd Mukrim Che Mohamad Zulkifly
Tuesday, 12 April
Re: Snort VM monitoring other VMs (virtual environment) turki
Re: False positive? Joel Esler
Re: Snort VM monitoring other VMs (virtual environment) Crusty Saint
Re: Dynamic Preprocessor Example doesn't log in Database Hui Cao
Re: Dynamic Preprocessor Example doesn't log in Database Hui Cao
Snort for Amazon Infrastructure Srinivasa . Balaji
Re: New Question for SID 17294 and SID 17407 rmkml
Re: New Question for SID 17294 and SID 17407 Matt Olney
Problem with snort,oinkmaster, and feed Carney, Megan
sudden sensitive_data threshold exceeded alerts Agus
NIDS capacity planning formula and feedback Martin Holste
Sourcefire VRT Certified Snort Rules Update 2011-04-12 Research
Gentoo Users: pulledpork-0.6.1 is in Sunrise Jason Wallace
Re: Gentoo Users: pulledpork-0.6.1 is in Sunrise JJC
Re: sudden sensitive_data threshold exceeded alerts Jason Wallace
Multiple sensors one database Atkins, Dwane P
Re: sudden sensitive_data threshold exceeded alerts Ryan Jordan
Re: sudden sensitive_data threshold exceeded alerts Agus
Re: Flags keyword still doesn't treat rserved bits as ECE and CWR Joshua.Kinard
Re: Multiple sensors one database beenph
Re: Multiple sensors one database Atkins, Dwane P
Wednesday, 13 April
Gentoo Users: snort-2.9.0.5 is available in Portage Jason Wallace
Re: Gentoo Users: snort-2.9.0.5 is available in Portage Joel Esler
snort in centos not HUPing Agus
Re: Multiple sensors one database Atkins, Dwane P
Re: snort in centos not HUPing Jason Wallace
Re: snort in centos not HUPing Agus
Re: Multiple sensors one database beenph
Re: snort in centos not HUPing Agus
Re: Snort VM monitoring other VMs (virtual environment) turki
Thursday, 14 April
How to compile a Dynamic Preprocssor alone? Thomas LESTRIEZ
SourceFire Appliance 3D9900 capabilities d a
Re: SourceFire Appliance 3D9900 capabilities Jason Wallace
Re: SourceFire Appliance 3D9900 capabilities Jeff Murphy
Re: How to compile a Dynamic Preprocssor alone? Russ Combs
Re: SourceFire Appliance 3D9900 capabilities Martin Holste
Re: SourceFire Appliance 3D9900 capabilities Joel Esler
fast patter errors PAURON, GUILLAUME (GUILLAUME)
Ebuild for PF_RING dynamically loadable kernel module Jason Wallace
barnyard2 error with waldo file Agus
Re: barnyard2 error with waldo file Weir, Jason
buglet in daq afpacket Jason Haar
Re: buglet in daq afpacket Joel Esler
Re: fast patter errors Joel Esler
Re: buglet in daq afpacket Russ Combs
Friday, 15 April
Re: fast patter errors PAURON, GUILLAUME (GUILLAUME)
Re: How to compile a Dynamic Preprocessor alone? Thomas LESTRIEZ
Re: fast patter errors Joel Esler
Re: threshold.conf and suppress 119 19 jason lytle
Saturday, 16 April
(no subject) Ishan Suryavanshi
Sunday, 17 April
Subscription rules vs Registered rules M.Turner Turner
how to acquire best setting of snort rules? M.Turner Turner
Re: Subscription rules vs Registered rules Joel Esler
Re: how to acquire best setting of snort rules? Joel Esler
likely FPs Web-Client .... dll-load exploit attempt Russell Fulton
Re: likely FPs Web-Client .... dll-load exploit attempt Joel Esler
Monday, 18 April
Re: Subscription rules vs Registered rules Kevin Ross
Re: how to acquire best setting of snort rules? Kevin Ross
Re: likely FPs Web-Client .... dll-load exploit attempt Patrick Mullen
Re: Snort Decoder Alerts with Multiple Configs Bhagya Bantwal
Purchasing New Equipment for Snort Merida, Dylan
Re: how to acquire best setting of snort rules? Joel Esler
Re: Purchasing New Equipment for Snort Martin Holste
Tuesday, 19 April
Sourcefire VRT Certified Snort Rules Update 2011-04-19 Research
Changes to Rule Changelogs Nigel Houghton
Re: Changes to Rule Changelogs Joel Esler
segfault while running snort 2.9.0.5 on CentOS 5.6 Charles Low
Re: segfault while running snort 2.9.0.5 on CentOS 5.6 Michael Altizer
Wednesday, 20 April
Re: segfault while running snort 2.9.0.5 on CentOS 5.6 Charles Low
Re: segfault while running snort 2.9.0.5 on CentOS 5.6 Russ Combs
Re: How to compile a Dynamic Preprocessor alone? Russ Combs
Re: Purchasing New Equipment for Snort Merida, Dylan
Re: Purchasing New Equipment for Snort Martin Holste
Thursday, 21 April
Sourcefire VRT Certified Snort Rules Update 2011-04-21 Research
Friday, 22 April
problem with "-Q --daq ipq" in run snort-2.9.0.5 M.Turner Turner
Portscan log file format Joshua Polsky
Re: Purchasing New Equipment for Snort Randal T. Rioux
Sunday, 24 April
Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele
[snort-devel] sfportscan and SYN scan with data Virgil Hemery
byte_extract included on last snort v2.9.0.x! rmkml
Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Steven Sturges
Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele
Monday, 25 April
Re: byte_extract included on last snort v2.9.0.x! Patrick Mullen
Re: [snort-devel] sfportscan and SYN scan with data Russ Combs
stream5 reassembly and split-tcp handshaking Kungu Panda
BotHunter Question Maverick
snort is logging alerts but not capturing corresponding packets for some rules Kumar, Mahendra
Re: snort is logging alerts but not capturing corresponding packets for some rules Lay, James
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Re: snort is logging alerts but not capturing corresponding packets for some rules James Lay
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Re: BotHunter Question Maverick
Tuesday, 26 April
Best bonding mode when multiple configs carlopmart
Snort: http_preprocessor issues on HTTP file uploads Cees
2012708 Will Metcalf
Re: [Emerging-Sigs] 2012708 Matthew Jonkman
Re: [Emerging-Sigs] 2012708 Will Metcalf
Re: [Emerging-Sigs] 2012708 Matt Olney
Re: [Emerging-Sigs] 2012708 Matthew Jonkman
Re: [Emerging-Sigs] 2012708 Steven Sturges
Re: [Emerging-Sigs] 2012708 Matthew Jonkman
Re: [Emerging-Sigs] 2012708 Will Metcalf
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Re: [Emerging-Sigs] 2012708 rmkml
threshold.conf limit not working for me Agus
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Re: [snort-devel] sfportscan and SYN scan with data Virgil Hemery
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Re: [Emerging-Sigs] 2012708 Matthew Jonkman
Re: [Emerging-Sigs] 2012708 Steven Sturges
Re: threshold.conf limit not working for me waldo kitty
Re: snort is logging alerts but not capturing corresponding packets for some rules Lay, James
Sourcefire VRT Certified Snort Rules Update 2011-04-26 Research
Re: threshold.conf limit not working for me Lay, James
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Re: threshold.conf limit not working for me Agus
Re: snort is logging alerts but not capturing corresponding packets for some rules Lay, James
Re: Best bonding mode when multiple configs carlopmart
Re: threshold.conf limit not working for me Agus
Re: threshold.conf limit not working for me Russ Combs
Re: snort is logging alerts but not capturing corresponding packets for some rules Kumar, Mahendra
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Wednesday, 27 April
Fwd: stream5 reassembly and split-tcp handshaking Kungu Panda
Re: stream5 reassembly and split-tcp handshaking Joel Esler
Unified2 questions Lay, James
Re: Unified2 questions Joel Esler
Re: stream5 reassembly and split-tcp handshaking Kungu Panda
Re: Unified2 questions Lay, James
doc/signature files in Snort-2.9.0.5 Dheeraj Gupta
Re: doc/signature files in Snort-2.9.0.5 Nigel Houghton
Re: snort is logging alerts but not capturing corresponding packets for some rules waldo kitty
Re: threshold.conf limit not working for me waldo kitty
Re: Unified2 questions waldo kitty
Re: snort is logging alerts but not capturing corresponding packets for some rules Joel Esler
Sourcefire VRT Certified Snort Rules Update 2011-04-27 Research
AUTO: Darren Terry is out of office. dterry
Re: doc/signature files in Snort-2.9.0.5 Zultan
Re: doc/signature files in Snort-2.9.0.5 Nigel Houghton
Re: doc/signature files in Snort-2.9.0.5 Zultan
Re: doc/signature files in Snort-2.9.0.5 Nigel Houghton
Re: doc/signature files in Snort-2.9.0.5 Zultan
Re: doc/signature files in Snort-2.9.0.5 Dheeraj Gupta
Thursday, 28 April
Akamai X Forwarding Proxy as Attack Vector jack mort
Re: Akamai X Forwarding Proxy as Attack Vector Martin Holste
Re: Akamai X Forwarding Proxy as Attack Vector jack mort
Difference between rule classification and rule priority? Andy Berryman
Re: buglet in daq afpacket Russ Combs
Re: Difference between rule classification and rule priority? Martin Holste
Current Snort 2.9.0 manual omission - PCRE modifiers evilghost () packetmail net
Re: Current Snort 2.9.0 manual omission - PCRE modifiers Joel Esler
Re: [Emerging-Sigs] Current Snort 2.9.0 manual omission - PCRE modifiers Will Metcalf
Re: FP on 3:15450:5 - BAD-TRAFFIC Conficker C/D DNS traffic detected Patrick Mullen
When Upgrading Breaks Auto Rule Management Eoin Miller
Re: When Upgrading Breaks Auto Rule Management Joel Esler
Re: When Upgrading Breaks Auto Rule Management Eoin Miller
Re: When Upgrading Breaks Auto Rule Management Jason Wallace
Re: When Upgrading Breaks Auto Rule Management Merida, Dylan
Re: When Upgrading Breaks Auto Rule Management Eoin Miller
Re: When Upgrading Breaks Auto Rule Management waldo kitty
VRT stream5 Preprocessor Config vs Default Settings Eoin Miller
Re: VRT stream5 Preprocessor Config vs Default Settings Joel Esler
SMTP SSLv2 openssl get shared ciphers overflow attempt Mohd Mukrim Che Mohamad Zulkifly
[PATCH 1/5]: byte_test: support bitwise OR Joshua.Kinard
[PATCH 2/5]: byte_extract: Add bitmasking support for calculated bytes Joshua.Kinard
[PATCH 3/5]: byte_jump: Add bitmasking support for calculated bytes Joshua.Kinard
[PATCH 4/5]: dcerpc2: Add bitmasking support for calculated bytes (byte_extract, byte_jump), and bitwise OR (byte_test) Joshua.Kinard
[PATCH 5/5]: manual: Add documentation for bitmasking (byte_extract, byte_jump), and bitwise OR (byte_test) Joshua.Kinard
Friday, 29 April
[PATCH 2/2] daq_nfq: avoid uneeded -ENOBUFS on queue overrun Florian Westphal
[PATCH 1/2] daq_nfq: snort defines its timeout in milliseconds, not seconds Florian Westphal
PATCH 1/1]: DAQ pcaprr module Jeff Murphy
Re: PATCH 1/1]: DAQ pcaprr module Russ Combs
Re: VRT stream5 Preprocessor Config vs Default Settings Matt Watchinski
Re: VRT stream5 Preprocessor Config vs Default Settings Russ Combs
Re: PATCH 1/1]: DAQ pcaprr module Jeff Murphy
Re: PATCH 1/1]: DAQ pcaprr module Russ Combs
Re: PATCH 1/1]: DAQ pcaprr module Joel Esler
Re: Difference between rule classification and rule priority? Jeff Murphy
Re: PATCH 1/1]: DAQ pcaprr module Michael Altizer
Re: PATCH 1/1]: DAQ pcaprr module Jeff Murphy
Re: [PATCH 2/2] daq_nfq: avoid uneeded -ENOBUFS on queue overrun Russ Combs
Re: [PATCH 1/2] daq_nfq: snort defines its timeout in milliseconds, not seconds Russ Combs
Re: [snort-devel] sfportscan and SYN scan with data Virgil Hemery
Sunday, 01 May
Re: VRT stream5 Preprocessor Config vs Default Settings Steven Sturges
Re: snort is logging alerts but not capturing corresponding packets for some rules Agustin Roca
Portscan Logs Joshua Polsky
Re: snort is logging alerts but not capturing corresponding packets for some rules Jason Brvenik
Re: Portscan Logs Joel Esler
Re: AUTO: Darren Terry is out of office. Randal T. Rioux
Tuesday, 03 May
Sourcefire VRT Certified Snort Rules Update 2011-05-03 Research
Re: [PATCH 1/5]: byte_test: support bitwise OR Ryan Jordan
IPv6 rule options syntax 김무성
Wednesday, 04 May
Re: IPv6 rule options syntax Martin Schütte
Re: IPv6 rule options syntax Steven Sturges
PullePork SO Rules Management? Eoin Miller
Re: PullePork SO Rules Management? JJC
so_rules clarification Jefferson, Shawn
Re: so_rules clarification Joel Esler
Re: PullePork SO Rules Management? Eoin Miller
Re: PullePork SO Rules Management? JJC
Re: PullePork SO Rules Management? JJC
ssp_ssl: Invalid Client HELLO after Server HELLO Detected Jefferson, Shawn
Re: PullePork SO Rules Management? Eoin Miller
Re: PullePork SO Rules Management? JJC
Re: PullePork SO Rules Management? Eoin Miller
problem with snortsam-2.9.0.3.diff.gz M.Turner Turner
Re: ssp_ssl: Invalid Client HELLO after Server HELLO Detected Ryan Jordan
PulledPork - disablesid.conf categories and SO rule stubs Eoin Miller
Re: [PATCH 1/5]: byte_test: support bitwise OR Joshua.Kinard
Re: PulledPork - disablesid.conf categories and SO rule stubs Joel Esler
Snort + HTSQL dashboard application Dan Ferris
Re: PulledPork - disablesid.conf categories and SO rule stubs JJC
Thursday, 05 May
Re: Snort + HTSQL dashboard application Lay, James
Re: PulledPork - disablesid.conf categories and SO rule stubs Eoin Miller
Re: PulledPork - disablesid.conf categories and SO rule stubs Joel Esler
NSS Labs : CheckPoint 97.3% recommended profile hoax ? Crusty Saint
Sourcefire VRT Certified Snort Rules Update 2011-05-05 Research
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Joel Esler
Re: Snort + HTSQL dashboard application Martin Holste
Re: Snort + HTSQL dashboard application waldo kitty
Re: Snort + HTSQL dashboard application Dan Ferris
Multiple Snort Instances With Identical Interfaces In Daemon Eoin Miller
Re: Snort + HTSQL dashboard application Lay, James
Re: Snort + HTSQL dashboard application Martin Holste
Re: Multiple Snort Instances With Identical Interfaces In Daemon Martin Holste
Re: Multiple Snort Instances With Identical Interfaces In Daemon Joel Esler
Re: Multiple Snort Instances With Identical Interfaces In Daemon Eoin Miller
Re: Multiple Snort Instances With Identical Interfaces In Daemon Joel Esler
Re: Snort + HTSQL dashboard application Dan Ferris
Re: Snort + HTSQL dashboard application Dan Ferris
Re: IPv6 rule options syntax 김무성
Re: Multiple Snort Instances With Identical Interfaces In Daemon Martin Holste
Re: Snort + HTSQL dashboard application Jim Hranicky
Friday, 06 May
Re: Output Plugin Delay, Latency, and PPM beenph
Re: Multiple Snort Instances With Identical Interfaces In Daemon waldo kitty
Re: Output Plugin Delay, Latency, and PPM Korodev
Saturday, 07 May
Re: Output Plugin Delay, Latency, and PPM Korodev
Re: Snort + HTSQL dashboard application Martin Holste
Re: Multiple Snort Instances With Identical Interfaces In Daemon Joel Esler
Re: Multiple Snort Instances With Identical Interfaces In Daemon Eoin Miller
Re: Snort + HTSQL dashboard application Dan Ferris
Re: Snort + HTSQL dashboard application beenph
Snort Reloading Conf/Rules with SIGHUP Causes Snort To Exit Eoin Miller
Re: Output Plugin Delay, Latency, and PPM beenph
Output Plugin Delay, Latency, and PPM Korodev
Re: Snort + HTSQL dashboard application Martin Holste
Re: Snort + HTSQL dashboard application Joel Esler
Re: Multiple Snort Instances With Identical Interfaces In Daemon waldo kitty
Sunday, 08 May
Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele
Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Steven Sturges
Monday, 09 May
Son Benjamin invites you to use Boxbe Son Benjamin
Re: Windows Server 2008 Standard x86 and sensitive-data.rules crashing Michael Steele
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? firewalZ
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Nigel Houghton
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? beenph
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Jason Brvenik
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Martin Holste
snort not alerting on rule if IE is used Prashant cd c.d
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Crusty Saint
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Crusty Saint
Re: snort not alerting on rule if IE is used Eoin Miller
Re: snort not alerting on rule if IE is used Eoin Miller
barnyard2 not populating sig_name properly when using EMT rules Wm. Josiah Erikson
Re: barnyard2 not populating sig_name properly when using EMT rules Jeff Murphy
Re: barnyard2 not populating sig_name properly when using EMT rules beenph
Re: barnyard2 not populating sig_name properly when using EMT rules Eoin Miller
Re: barnyard2 not populating sig_name properly when using EMT rules JJ Cummings
Re: barnyard2 not populating sig_name properly when using EMT rules Wm. Josiah Erikson
FP shows snort-2.9.0.3 confused over packets and sessions Jason Haar
Tuesday, 10 May
Re: FP shows snort-2.9.0.3 confused over packets and sessions rmkml
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Rick Moy
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Martin Holste
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Seth Hall
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Paul Halliday
Sourcefire VRT Certified Snort Rules Update 2011-05-10 Research
Help a Noob out Gibson, Nathan J. (HSC)
Re: Help a Noob out Nigel Houghton
Wednesday, 11 May
Re: NSS Labs : CheckPoint 97.3% recommended profile hoax ? Crusty Saint
FP on 1:16442:3 Martin Holste
FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Eoin Miller
Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Matt Watchinski
Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Eoin Miller
Re: FP shows snort-2.9.0.3 confused over packets and sessions Jason Haar
Thursday, 12 May
Regarding dynamic (so_rules) rules Dheeraj Gupta
Skype Mac exploit sigs? Kungu Panda
Re: Skype Mac exploit sigs? Joel Esler
Re: Regarding dynamic (so_rules) rules Joel Esler
Re: Regarding dynamic (so_rules) rules John York
Re: Regarding dynamic (so_rules) rules Joel Esler
Re: What the heck is this... Joel Esler
Re: What the heck is this... Lay, James
What the heck is this... Lay, James
Re: What the heck is this... Matt Watchinski
Re: What the heck is this... Lay, James
Re: FP's for gen:124 sid:1 - smtp: Attempted command buffer overflow Matt Watchinski
Intel X520 and Multi-Queue Snort Mike Lococo
Re: Intel X520 and Multi-Queue Snort Martin Holste
Re: Intel X520 and Multi-Queue Snort Mike Lococo
Re: Intel X520 and Multi-Queue Snort Will Metcalf
Re: Intel X520 and Multi-Queue Snort Mike Lococo
Intel X520 and Multi-Queue Snort Mike Lococo
sensitive data preprocessor - emails Don Florence
logto keyword Don Florence
Re: snort not alerting on rule if IE is used Prashant cd c.d
Re: snort not alerting on rule if IE is used Prashant cd c.d
Sourcefire VRT Certified Snort Rules Update 2011-05-12 Research
Re: Regarding dynamic (so_rules) rules Dheeraj Gupta
Friday, 13 May
Re: Regarding dynamic (so_rules) rules Joel Esler
Re: logto keyword Michael Lubinski
Re: Intel X520 and Multi-Queue Snort Martin Holste
Re: Intel X520 and Multi-Queue Snort Mike Lococo
Re: Intel X520 and Multi-Queue Snort Martin Holste
Re: Intel X520 and Multi-Queue Snort Mike Lococo
Re: Intel X520 and Multi-Queue Snort beenph
Re: Intel X520 and Multi-Queue Snort Mike Lococo
Re: Intel X520 and Multi-Queue Snort beenph
Re: Intel X520 and Multi-Queue Snort Martin Holste
Re: Intel X520 and Multi-Queue Snort Mike Lococo
Re: Intel X520 and Multi-Queue Snort beenph
Saturday, 14 May
Lots of FP's on sid:16214 Eoin Miller
Re: Lots of FP's on sid:16214 rmkml
Snort-users Digest, Vol 60, Issue 24 rrobinson
Re: Lots of FP's on sid:16214 Joel Esler
Re: Snort-users Digest, Vol 60, Issue 24 Joel Esler
Sunday, 15 May
Possible bug in event queue processing - Would really appreciate some insight Peter Politopoulos
Re: Possible bug in event queue processing - Would really appreciate some insight Joel Esler
performance criteria Jules Pagna Disso
Snort in IPS mode turki
Re: Snort in IPS mode Michael Altizer
Re: logto keyword waldo kitty
Re: performance criteria evilghost () packetmail net
Re: [Emerging-Sigs] performance criteria evilghost () packetmail net
Monday, 16 May
Re: logto keyword Michael Lubinski
Re: Snort in IPS mode turki
Re: Snort in IPS mode Michael Altizer
Re: Snort in IPS mode turki
Re: Snort in IPS mode turki
Re: Snort in IPS mode Will Metcalf
Re: [Emerging-Sigs] performance criteria Jules Pagna Disso
Re: performance criteria Jamie Riden
Re: performance criteria Jamie Riden
Re: performance criteria evilghost () packetmail net
Ruxcon 2011 Call For Papers cfp
Tuesday, 17 May
Re: Snort in IPS mode turki
Re: Snort in IPS mode Will Metcalf
Re: Snort in IPS mode Russ Combs
An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Martin Roesch
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Ken R
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Jason Brvenik
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Gregory W. MacPherson
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading beenph
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Jason Brvenik
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Joel Esler
Re: Snort in IPS mode turki
Re: Snort in IPS mode Russ Combs
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Martin Holste
Re: VRT stream5 Preprocessor Config vs Default Settings Eoin Miller
Re: Snort in IPS mode turki
Re: Snort in IPS mode Russ Combs
Re: Snort in IPS mode turki
Re: Snort in IPS mode Russ Combs
Re: Snort in IPS mode Lay, James
Re: Snort in IPS mode turki
Re: Snort in IPS mode Russ Combs
Re: Snort in IPS mode turki
Re: Snort in IPS mode Will Metcalf
Wednesday, 18 May
Pulled Pork and SO_rules Dheeraj Gupta
Re: Pulled Pork and SO_rules Dheeraj Gupta
Snort Command Line Options Joe Brown
Re: Pulled Pork and SO_rules beenph
Re: Snort Command Line Options Martin Holste
Re: Snort Command Line Options Martin Holste
Re: Snort Command Line Options Joe Brown
Re: Snort in IPS mode Jason Brvenik
Sourcefire VRT Certified Snort Rules Update 2011-05-18 Research
Pkts_filtered_udp Lawrence R. Hughes, Sr.
Your Webinar Invitation: Join us for "Snort Webinar -- Proper implementation of Multiconfig -- John Gay" Joel Esler
base64_data and base64_decode -- how to use properly? Joshua.Kinard
Unsubscribe go95
not work flexresponse bear
Thursday, 19 May
Alert Information Missing for alerts using barnyard2 Dheeraj Gupta
Re: Alert Information Missing for alerts using barnyard2 Lay, James
Fw: Re: Snort in IPS mode turki
Re: Fw: Re: Snort in IPS mode Russ Combs
Re: Fw: Re: Snort in IPS mode turki
Snort + Barnyard2 + Base Issue Ryan Pettigrew
PulledPork and disabling a preproc rule file Eoin Miller
Re: Snort + Barnyard2 + Base Issue Nick Moore
preprocessors and thresholding broken with latest rules tarball? Eoin Miller
Re: Alert Information Missing for alerts using barnyard2 Dheeraj Gupta
Friday, 20 May
Re: preprocessors and thresholding broken with latest rules tarball? carlopmart
Fw: Re: Snort in IPS mode bear
snort-NIDS inline mode configuration questions lay rando
Re: preprocessors and thresholding broken with latest rules tarball? Eoin Miller
Possible FP 10505 Lay, James
Re: snort-NIDS inline mode configuration questions Kevin Ross
Re: preprocessors and thresholding broken with latest rules tarball? JJC
Re: Possible FP 10505 Kevin Ross
Re: preprocessors and thresholding broken with latest rules tarball? Joel Esler
Testing IPTABLES (Snort Inline Mode, NFQUEUE, Local Rules) No alerts! turki
Re: snort-NIDS inline mode configuration questions lay rando
Re: snort-NIDS inline mode configuration questions Joel Esler
Re: snort-NIDS inline mode configuration questions Russ Combs
Re: VRT stream5 Preprocessor Config vs Default Settings Joel Esler
Re: VRT stream5 Preprocessor Config vs Default Settings Joel Esler
snort Addetiloye Taiwo
Pulled Pork Not Enableing ET Rules Gibson, Nathan J. (HSC)
Pulled Pork Not Enableing ET Rules Gibson, Nathan J. (HSC)
Re: Pulled Pork Not Enableing ET Rules Eoin Miller
Re: Pulled Pork Not Enableing ET Rules JJC
Re: Pulled Pork Not Enableing ET Rules Eoin Miller
Re: Pulled Pork Not Enableing ET Rules Gibson, Nathan J. (HSC)
Re: Pulled Pork Not Enableing ET Rules Gibson, Nathan J. (HSC)
Re: Pulled Pork Not Enableing ET Rules Gibson, Nathan J. (HSC)
Saturday, 21 May
Re: snort Nick Moore
Custom Input of packets into Snort David Bramer
Re: Custom Input of packets into Snort Russ Combs
Monday, 23 May
How to Snort IPS? bear
Gentoo Users: daq-0.5-r1 with support for NFQ and IPQ Jason Wallace
Re: Snort + Barnyard2 + Base Issue Ryan Pettigrew
Re: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading Dale Handy
Tuesday, 24 May
Re: Testing IPTABLES (Snort Inline Mode, NFQUEUE, Local Rules) No alerts! turki
snort inline timing out after about 65KB Daniel Browning-Weber
Re: snort inline timing out after about 65KB beenph
Sourcefire VRT Certified Snort Rules Update 2011-05-24 Research
Unsock Output Issues Korodev
Re: performance criteria Randal T. Rioux
Re: Son Benjamin invites you to use Boxbe Randal T. Rioux
Re: Unsubscribe Randal T. Rioux
Re: Unsubscribe Joel Esler
Re: Son Benjamin invites you to use Boxbe Joel Esler
Re: Unsock Output Issues Korodev
Re: Confirmation: "Snort Webinar -- Proper implementation of Multiconfig -- John Gay" Marc Manthey
Re: Confirmation: "Snort Webinar -- Proper implementation of Multiconfig -- John Gay" Joel Esler
Re: snort inline timing out after about 65KB Matt Olney
Wednesday, 25 May
http_client_data and logging Eoin Miller
Re: http_client_data and logging James Lay
[PATCH]: snort_manual.tex: Remove 'Variable Modifiers' section as it doesn't work Joshua.Kinard
Re: base64_data and base64_decode -- how to use properly? Joshua.Kinard
Re: base64_data and base64_decode -- how to use properly? Joel Esler
libpcap and RHEL 6.1 Randal T. Rioux
Thursday, 26 May
Re: http_client_data and logging Eoin Miller
Re: http_client_data and logging Joel Esler
Re: http_client_data and logging Lay, James
Re: http_client_data and logging Eoin Miller
Re: libpcap and RHEL 6.1 vincent
Re: http_client_data and logging Joel Esler
Sourcefire VRT Certified Snort Rules Update 2011-05-26 Research
Re: http_client_data and logging Eoin Miller
Re: http_client_data and logging Joel Esler
Re: http_client_data and logging beenph
Re: http_client_data and logging Edward Fjellskål
Friday, 27 May
Detecting cross reference at DNS decompression by a snort rule سعید انواری
Re: Detecting cross reference at DNS decompression by a snort rule rmkml
Re: libpcap and RHEL 6.1 Rich Graves
how the blocking works? Martin Månsson
zlib and Centos 5.6 Dan Erxleben
Re: zlib and Centos 5.6 Bhagya Bantwal
Re: zlib and Centos 5.6 Eoin Miller
Re: [Snort-users] Detecting cross reference at DNS decompression by a snort rule (fwd) rmkml
Re: zlib and Centos 5.6 Joel Esler
Tuesday, 31 May
Snort Inline Mode (with NFQ) drop rule is not working turki
Sourcefire VRT Certified Snort Rules Update 2011-05-31 Research
Wednesday, 01 June
Paid support Lay, James
Re: Paid support Gibson, Nathan J. (HSC)
Re: Paid support Joel Esler
Re: Paid support Lay, James
Thursday, 02 June
Sourcefire VRT Certified Snort Rules Update 2011-06-02 Research
Friday, 03 June
Snorby opinions Lay, James
http_inspects post_depth Eoin Miller
Re: http_inspects post_depth Nigel Houghton
Re: http_inspects post_depth Joel Esler
Unified2 Record Order firnsy
Saturday, 04 June
Re: Unified2 Record Order Steven Sturges
Re: Unified2 Record Order beenph
Re: Unified2 Record Order beenph
Re: Unified2 Record Order Steven Sturges
Re: Snorby opinions turki
Sunday, 05 June
Re: Snorby opinions Martin Holste
Monday, 06 June
Re: Snorby opinions Lay, James
Re: Unified2 Record Order Steven Sturges
Re: Unified2 Record Order beenph
Re: Unified2 Record Order Steven Sturges
Re: Unified2 Record Order beenph
Re: Snorby opinions Jefferson, Shawn
Re: Unified2 Record Order Russ Combs
Re: Snorby opinions Dustin Webber
pulledpork and certificate errors Youngquist, Jason R.
Re: pulledpork and certificate errors Nigel Houghton
Re: Snorby opinions Dustin Webber
Re: Snorby opinions Randal T. Rioux
Re: Snorby opinions Dustin Webber
Re: Snorby opinions Randal T. Rioux
Re: Snorby opinions Paul Halliday
Re: Unified2 Record Order Russ Combs
Re: Snorby opinions Joel Esler
Re: Snorby opinions Martin Holste
Tuesday, 07 June
libpcap error when compiling daq0.5 Lutfi ODUNCUOGLU
Re: libpcap error when compiling daq0.5 Weir, Jason
Re: libpcap error when compiling daq0.5 Weir, Jason
rules are not matched across the packet mahendra kumawat
rules are not matched across the packet mahendra kumawat
Re: rules are not matched across the packet Bhagya Bantwal
Re: rules are not matched across the packet rmkml
Sourcefire VRT Certified Snort Rules Update 2011-06-07 Research
Richard Tyrrell/Telford/Syan Ltd is out of the office. Richard Tyrrell
Re: Richard Tyrrell/Telford/Syan Ltd is out of the office. Jeff Nathan
[HITB-Announce] HITB2011AMS Conference Materials & Photos Hafez Kamal
[HITB-Announce] HITB2011AMS Conference Materials & Photos Hafez Kamal
Wednesday, 08 June
Unsubscribe Richard Tyrrell
Re: Unsubscribe Jamie Riden
Query about the performance Gaurav Suryagandh
Re: Unsubscribe Joel Esler
Re: Query about the performance Jeff Murphy
Yeesh...19174 is all over the place Lay, James
Re: Yeesh...19174 is all over the place rmkml
Re: Query about the performance Steven Sturges
Re: Richard Tyrrell/Telford/Syan Ltd is out of the office. Joel Esler
Re: Richard Tyrrell/Telford/Syan Ltd is out of the office. Joel Esler
smtp preprocessor buffers and content modifiers Eoin Miller
Re: Richard Tyrrell/Telford/Syan Ltd is out of the office. Randal T. Rioux
Fwd: Paul Skelton is out of the office. Randal T. Rioux
Re: Fwd: Paul Skelton is out of the office. Jamie Riden
Re: Fwd: Paul Skelton is out of the office. Joel Esler
Thursday, 09 June
Re: Query about the performance Gaurav Suryagandh
Re: Query about the performance Jeff Murphy
Re: Query about the performance Martin Holste
Re: Query about the performance Jeff Murphy
Sourcefire VRT Certified Snort Rules Update 2011-06-09 Research
Friday, 10 June
Possible FP 19177 Lay, James
Re: Possible FP 19177 Alex Kirk
Re: Possible FP 19177 rmkml
Fwd: [Snort-Users] snort signature code Joel Esler
Re: Fwd: [Snort-Users] snort signature code Steven Sturges
Saturday, 11 June
New Rules for Snort 2.6.1.5!! nima chavooshi
Re: New Rules for Snort 2.6.1.5!! Joel Esler
Re: New Rules for Snort 2.6.1.5!! nima chavooshi
Re: New Rules for Snort 2.6.1.5!! Joel Esler
Re: New Rules for Snort 2.6.1.5!! Nick Moore
Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Monday, 13 June
Thresholding issue Lay, James
[HITB-Announce] HITB eZine Issue #006 Released! Hafez Kamal
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Martin Holste
Snort 2.9.1 Beta Now Available Snort Releases
Snort 2.9.1 Beta Now Available Snort Releases
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Russ Combs
Flow Management in SnortSP Asim Jamshed
Feasibility of one off rule Lay, James
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Re: Feasibility of one off rule Alex Kirk
flowbits - checking multiple bits being set to create alerting Eoin Miller
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! beenph
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Re: Feasibility of one off rule Martin Holste
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Martin Holste
Re: Feasibility of one off rule Lay, James
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Russ Combs
Re: Snort 2.9.1 Beta Now Available Jason Haar
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
[PATCH]: Minor fix in sp_tcp_flag_check.c for the C and E bits Joshua.Kinard
[PATCH]: Remove smart quotes and other Unicode bits in README.sip Joshua.Kinard
Tuesday, 14 June
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! firnsy
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Re: flowbits - checking multiple bits being set to create alerting Patrick Mullen
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Randal T. Rioux
Sourcefire VRT Certified Snort Rules Update 2011-06-14 Research
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
[PATCH]: Snort manual fixes for 2.9.1-beta Joshua.Kinard
Wednesday, 15 June
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! firnsy
Rule 19253 Lay, James
Re: Rule 19253 rmkml
Re: [PATCH]: Snort manual fixes for 2.9.1-beta Russ Combs
Re: Flow Management in SnortSP Asim Jamshed
Re: Flow Management in SnortSP Martin Roesch
Re: Rule 19253 Joel Esler
Re: flowbits - checking multiple bits being set to create alerting Eoin Miller
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Re: Rule 19253 Lay, James
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Steven Sturges
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Joel Esler
Re: Snort.org Blog: Snort 2.9.1 beta coming soon! Randal T. Rioux
Thursday, 16 June
Sourcefire VRT Certified Snort Rules Update 2011-06-16 Research
SID 19253, WEB-CLIENT Adobe Reader malicious language.engtesselate.ln file download attempt Jefferson, Shawn
Re: SID 19253, WEB-CLIENT Adobe Reader malicious language.engtesselate.ln file download attempt Joel Esler
Verify configuration as non root Gilad Benjamini
Friday, 17 June
Re: Verify configuration as non root Russ Combs
Saturday, 18 June
Verify configuration as non root Gilad Benjamini
Monday, 20 June
New phishing/Malware campaign Lay, James
Re: [PATCH]: Minor fix in sp_tcp_flag_check.c for the C and E bits Ryan Jordan
Sourcefire VRT Rules and Snort Active Response Jason D. McCormick
Re: Sourcefire VRT Rules and Snort Active Response Russ Combs
Local alert for website traffic not working Ryan Pettigrew
Local alert for website traffic not working Ryan Pettigrew
Re: Local alert for website traffic not working Martin Holste
Re: Sourcefire VRT Rules and Snort Active Response Jason D. McCormick
Sourcefire VRT Certified Snort Rules Update 2011-06-20 Research
Tuesday, 21 June
Re: Sourcefire VRT Rules and Snort Active Response Russ Combs
Sourcefire VRT Certified Snort Rules Update 2011-06-21 Research
Snort multithread Барулин Николай
Wednesday, 22 June
Re: Snort multithread Jason Wallace
Snort Manual Fix Eoin Miller
Re: Snort Manual Fix Russ Combs
PulledPork and modifying So_rule stubs Dheeraj Gupta
Thursday, 23 June
2.9.0.5, react works only for the first rule Hatim Alghamdi
Re: PulledPork and modifying So_rule stubs JJC
Re: 2.9.0.5, react works only for the first rule Russ Combs
Participation Requested: Survey about Open-Source Software Development Jeffrey Carver
Re: PulledPork and modifying So_rule stubs Michael Lubinski
2.9.1 compilation issue with dnet Hatim Alghamdi
Sourcefire VRT Certified Snort Rules Update 2011-06-23 Research
SnortSP: adding analyzer Tako Chanz
Re: 2.9.1 compilation issue with dnet Lay, James
Re: 2.9.1 compilation issue with dnet Hatim Alghamdi
Re: Snort multithread Martin Holste
Friday, 24 June
False Negatives in Snort Dheeraj Gupta
Re: 2.9.1 compilation issue with dnet Lay, James
Re: 2.9.1 compilation issue with dnet Hatim Alghamdi
Flowbits Set and Not Checked Against SRC/DST Networks Eoin Miller
Issues compiling chroot snort with daq Moses Hernandez
iFrame's in gifs Lay, James
Re: iFrame's in gifs rmkml
Re: iFrame's in gifs Joel Esler
Re: iFrame's in gifs waldo kitty
Re: iFrame's in gifs James Lay
Re: iFrame's in gifs James Lay
[patch] snort with mysql+SSL support Ryan Steinmetz
Re: Issues compiling chroot snort with daq Martin Holste
Saturday, 25 June
Re: [patch] snort with mysql+SSL support Joel Esler
Re: [patch] snort with mysql+SSL support Ryan Steinmetz
Re: [patch] snort with mysql+SSL support Joel Esler
Re: iFrame's in gifs Nigel Houghton
Re: iFrame's in gifs Joel Esler
Snort rules maximum rules per file Hussein Bahaidarah
Sunday, 26 June
Re: Snort rules maximum rules per file Hussein Bahaidarah
Re: iFrame's in gifs Randal T. Rioux
Monday, 27 June
Re: Flowbits Set and Not Checked Against SRC/DST Networks Joel Esler
Re: Flowbits Set and Not Checked Against SRC/DST Networks Martin Holste
Re: Flowbits Set and Not Checked Against SRC/DST Networks Joel Esler
Snort.org Blog: Snort's output methods Joel Esler
Re: Flowbits Set and Not Checked Against SRC/DST Networks Russ Combs
Re: False Negatives in Snort Bhagya Bantwal
Re: Flowbits Set and Not Checked Against SRC/DST Networks beenph
Re: Flowbits Set and Not Checked Against SRC/DST Networks Martin Holste
Pulledpork Item Bill Pickens
Re: Pulledpork Item JJC
Re: Issues compiling chroot snort with daq Moses Hernandez
Re: Snort.org Blog: Snort's output methods Phillip Deneault
Re: Issues compiling chroot snort with daq Martin Holste
Re: Snort.org Blog: Snort's output methods Joel Esler
Active Response System (ARS) Ron Jenkins
Re: Snort.org Blog: Snort's output methods L0rd Ch0de1m0rt
Re: [Snort-sigs] Snort.org Blog: Snort's output methods Steven Sturges
Re: [Snort-sigs] Snort.org Blog: Snort's output methods Joel Esler
SnortSP: Writing an analyzer in Lua Tako Chanz
Re: Flowbits Set and Not Checked Against SRC/DSTNetworks Joshua.Kinard
Re: Flowbits Set and Not Checked Against SRC/DST Networks Martin Holste
Tuesday, 28 June
daq_static with 2.9.1 Hatim Alghamdi
Re: Flowbits Set and Not Checked Against SRC/DSTNetworks beenph
Re: daq_static with 2.9.1 Martin Holste
Re: daq_static with 2.9.1 Hatim Alghamdi
Re: daq_static with 2.9.1 Martin Holste
Re: daq_static with 2.9.1 Hatim Alghamdi
Re: daq_static with 2.9.1 Martin Holste
snort.org blog: Why not a full feed? Castle, Shane
Re: snort.org blog: Why not a full feed? Joel Esler
Re: SnortSP: Writing an analyzer in Lua Martin Roesch
Re: Snort.org Blog: Snort's output methods Martin Roesch
Sourcefire VRT Certified Snort Rules Update 2011-06-28 Research
Barnyard2 Michael Lubinski
Re: Barnyard2 beenph
Wednesday, 29 June
flow:established still broken in 2.9.0.5? (was:FP shows snort-2.9.0.3 confused over packets and sessions) Jason Haar
Re: flow:established still broken in 2.9.0.5? (was:FP shows snort-2.9.0.3 confused over packets and sessions) Joel Esler
Re: flow:established still broken in 2.9.0.5? (was:FP shows snort-2.9.0.3 confused over packets and sessions) Joel Esler
Removed SIDs Document Retention
Re: Removed SIDs JJC
Re: daq_static with 2.9.1 Hatim Alghamdi
Re: flow:established still broken in 2.9.0.5? (was:FP shows snort-2.9.0.3 confused over packets and sessions) Matthew Jonkman
Re: flow:established still broken in 2.9.0.5? Jason Haar
Re: flow:established still broken in 2.9.0.5? Russ Combs
Re: flow:established still broken in 2.9.0.5? Jason Haar
Re: flow:established still broken in 2.9.0.5? Jason Wallace
Re: flow:established still broken in 2.9.0.5? Jason Haar
Thursday, 30 June
Re: flow:established still broken in 2.9.0.5? Jason Wallace
Invitation to connect on LinkedIn Fábio Ferrão