Snort mailing list archives
Re: Stream5
From: Nicholas Horton <fivetenets () me com>
Date: Wed, 22 Aug 2012 23:06:04 -0400
Thanks E. I love the link :). Cracks me up. I'll take a look. I saw some of the googles got rid of the messages by tweaking some of the options but I was trying to understand more if I should up the max values for example or if there is an issue with the machine that keeps triggering this alert. I'll try to read up more on the tcp small segment option more to understand what its looking for. Thanks again, Nick On Aug 22, 2012, at 3:40 PM, Edward Fjellskål <edwardfjellskaal () gmail com> wrote:
On 08/22/2012 08:58 PM, Nicholas Horton wrote:I am getting a large amount of "stream5: TCP Small Segment Threshold Exceeded" alerts. Where should I start investigating this preprocessor message and how to correct the issue or alert?Have you tried google ? http://bit.ly/Nhhoxi The first hit there brings you to a thread on this issue :) EThanks, Nick ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Stream5 Nicholas Horton (Aug 22)
- Re: Stream5 Edward Fjellskål (Aug 22)
- Re: Stream5 Nicholas Horton (Aug 22)
- Re: Stream5 Nicholas Horton (Aug 23)
- Re: Stream5 ARAI Shun-ichi (Aug 23)
- Re: Stream5 Nicholas Horton (Aug 25)
- Re: Stream5 Nicholas Horton (Aug 22)
- Re: Stream5 Edward Fjellskål (Aug 22)
- <Possible follow-ups>
- Stream5 Nicholas Horton (Aug 24)