Re: Stream5

[Nicholas Horton <fivetenets () me com>]

Thanks E. I love the link :). Cracks me up.

I'll take a look. I saw some of the googles got rid of the messages by tweaking some of the options but I was trying to 
understand more if I should up the max values for example or if there is an issue with the machine that keeps 
triggering this alert.

I'll try to read up more on the tcp small segment option more to understand what its looking for.

Thanks again,
Nick

On Aug 22, 2012, at 3:40 PM, Edward Fjellskål <edwardfjellskaal () gmail com> wrote:

> On 08/22/2012 08:58 PM, Nicholas Horton wrote:
> > I am getting a large amount of "stream5: TCP Small Segment Threshold Exceeded" alerts. 
> >
> > Where should I start investigating this preprocessor message and how to correct the issue or alert?
>
> Have you tried google ?
>
> http://bit.ly/Nhhoxi
>
> The first hit there brings you to a thread on this issue :)
>
> E
>
> > Thanks,
> > Nick
> >
> > ------------------------------------------------------------------------------
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and 
> > threat landscape has changed and how IT managers can respond. Discussions 
> > will include endpoint security, mobile security and the latest in malware 
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> > Please visit http://blog.snort.org to stay current on all the latest Snort news!
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and 
> threat landscape has changed and how IT managers can respond. Discussions 
> will include endpoint security, mobile security and the latest in malware 
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!