Snort: by date

• RSS Feed
• About List
• All Lists

Previous period

Next period

1245 messages starting Jul 01 12 and ending Sep 30 12
Date index | Thread index | Author index

Sunday, 01 July

snort 2.9.3 - PreProcessor Profile stats for PCRE jbox2705
distance, within, and negated matches L0rd Ch0de1m0rt
Re: [Snort-users] OS options to monitor traffic over a 1GiB and 10 GiB Robert Vineyard
Re: OS options to monitor traffic over a 1GiB and 10 GiB Robert Vineyard
Re: Snort Pre-processor + DPX Installation Issue waseem sarwar
Re: IP Protocol Rules? Tony Robinson
Re: distance, within, and negated matches Patrick Mullen
Re: IP Protocol Rules? Joshua Kinard
Re: IP Protocol Rules? Livio () metaflows com
Re: IP Protocol Rules? Joel Esler
Error while installing pfring-DAQ module Vinayak Malshetty
Snort install Pratik Narang
Re: OS options to monitor traffic over a 1GiB and 10 GiB C. L. Martinez

Monday, 02 July

log response pkts Vinayak Malshetty
Question on http_client_body James Lay
Re: Question on http_client_body Will Metcalf
Re: Snort Configuration Problem Sujoy Ghosh
Re: Question on http_client_body James Lay
Re: Snort against DARPA Dataset Sravan Bhamidipati
Re: Snort against DARPA Dataset Sunny Fugate
If they'd only been running Snort... Lay, James
http_inspect tuning issue Castle, Shane
Re: IP Protocol Rules? jorbru30
Re: OS options to monitor traffic over a 1GiB and 10 GiB waldo kitty
Re: Snort against DARPA Dataset waldo kitty
Re: http_inspect tuning issue waldo kitty
Facing issue in logging GTP response packets Vinayak Malshetty

Tuesday, 03 July

Re: IP Protocol Rules? Joel Esler
Re: http_inspect tuning issue Castle, Shane
Re: http_inspect tuning issue Joel Esler
Re: log response pkts Joel Esler
Re: Snort install Joel Esler
Re: http_inspect tuning issue Lay, James
Re: Snort install Pratik Narang
Re: http_inspect tuning issue Castle, Shane
DAQ ./configure problem with libpcap>1.0.0 Bryan A. Jones
Re: OS options to monitor traffic over a 1GiB and 10 GiB livio Ricciulli
Sourcefire VRT Certified Snort Rules Update 2012-07-03 Research
Re: Snort install Tony Robinson
Re: http_inspect tuning issue waldo kitty
Re: DAQ ./configure problem with libpcap>1.0.0 Jack Pepper
Potential memory leak/settings for memory conservation in 2.9.2.3/2.9.3_rc1? Jesse Bowling
Re: DAQ ./configure problem with libpcap>1.0.0 Jesse Bowling
Re: DAQ ./configure problem with libpcap>1.0.0 Bryan A. Jones
Re: Sig help (Tumblr redirect) Will Metcalf
Re: Sig help (Tumblr redirect) lists () packetmail net
Re: Sig help (Tumblr redirect) Will Metcalf
Re: Sig help (Tumblr redirect) lists () packetmail net
Re: http_inspect tuning issue Sunny James Fugate
Re: OS options to monitor traffic over a 1GiB and 10 GiB C. L. Martinez

Wednesday, 04 July

redBorder IPS Presentation Jaime Nebrera
redBorder IPS Presentation Jaime Nebrera
Re: OS options to monitor traffic over a 1GiB and 10 GiB Peter Bates
Re: OS options to monitor traffic over a 1GiB and 10 GiB Jaime Nebrera
log file Deepika p
The DAQ version does not support reload. kay
guide for 64-bit Deepika p
Re: http_inspect tuning issue Joel Esler
Simple IPS config for snort kay
Re: Simple IPS config for snort Joel Esler
Re: log file Joel Esler
Re: The DAQ version does not support reload. Joel Esler
Snort for report GTp statistics Vinayak Malshetty
reading log files Pratik Narang

Thursday, 05 July

Re: reading log files Sujoy Ghosh
Re: Simple IPS config for snort kay
Re: Simple IPS config for snort kay
Snort not generating alerts Pratik Narang
(no subject) mayssa jemel
IPS inline problem, again kay
Re: IPS inline problem, again Joel Esler
Re: IPS inline problem, again kay
Re: Simple IPS config for snort kay
Re: guide for 64-bit Tony Robinson
Re: guide for 64-bit kay
Re: Snort for report GTp statistics Hui Cao
Re: Snort not generating alerts praveen_recker .
Re: Snort against DARPA Dataset Sravan Bhamidipati
Re: IPS inline problem, again Joel Esler
Re: reading log files Lay, James
Re: Snort against DARPA Dataset Sunny Fugate
Re: Snort against DARPA Dataset Sravan Bhamidipati
Re: Snort for report GTp statistics Vinayak Malshetty
Re: Snort against DARPA Dataset Patrick Mullen
Re: Snort against DARPA Dataset Sravan Bhamidipati
Re: Potential memory leak/settings for memory conservation in 2.9.2.3/2.9.3_rc1? Jesse Bowling
Re: reading log files Russ Combs
Re: Potential memory leak/settings for memory conservation in 2.9.2.3/2.9.3_rc1? Russ Combs
Re: Potential memory leak/settings for memory conservation in 2.9.2.3/2.9.3_rc1? Jesse Bowling
Re: reading log files waldo kitty
Re: Snort not generating alerts Pratik Narang
0 Dynamic rules? jorbru30
Re: Simple IPS config for snort kay

Friday, 06 July

Extra verdicts feature request for next snort version kay
Re: reading log files Sujoy Ghosh
Configure and fine tune Snort Rules Sujoy Ghosh
Re: Configure and fine tune Snort Rules Doug Burks
Re: Configure and fine tune Snort Rules Sujoy Ghosh
Re: Extra verdicts feature request for next snort version Russ Combs
Tumblr redirect update James Lay

Sunday, 08 July

How to wite snort rule with "OR" condition without PCRE Tran M. Thang
Re: How to wite snort rule with "OR" condition without PCRE Alex Kirk
Re: How to wite snort rule with "OR" condition without PCRE Balasubramaniam Natarajan

Monday, 09 July

Multiple Snorts (and PF_RING) Peter Bates
Re: Snort for report GTp statistics Hui Cao
Matching host get and content James Lay
Segfaults with libsf_smtp_preproc.so.0.0.0 Miguel Alvarez
hi, to understand Al Al
Re: Segfaults with libsf_smtp_preproc.so.0.0.0 Joel Esler
Re: Matching host get and content Joel Esler
Re: Segfaults with libsf_smtp_preproc.so.0.0.0 Miguel Alvarez
Bulk export? JoeSox
Analyzing Snort alert Balasubramaniam Natarajan

Tuesday, 10 July

Re: Snort not generating alerts Pratik Narang
Re: Snort not generating alerts Pratik Narang
Re: Snort not generating alerts Pratik Narang
Re: Snort not generating alerts Peter Bates
Re: Snort not generating alerts Pratik Narang
Re: Snort not generating alerts Peter Bates
Snort and PF_RING stats Peter Bates
WinSnort Team Ron Gallimore
Re: Multiple Snorts (and PF_RING) Victor Roemer
Re: Multiple Snorts (and PF_RING) Peter Bates
SHELLCODE_PORTS & double negatives. Richmond, Ian
Re: S5: Session exceeded configured max bytes to queue Russ Combs
Sourcefire VRT Certified Snort Rules Update 2012-07-10 Research
snort 2.9.8.3 not detecting skype Al Al
Re: Multiple Snorts (and PF_RING) livio Ricciulli
Re: Multiple Snorts (and PF_RING) Peter Bates
RE : snort 2.9.2.3 not detecting skype rmkml () yahoo fr
Re: RE : snort 2.9.2.3 not detecting skype Paul Halliday
RE : Re: RE : snort 2.9.2.3 not detecting skype rmkml () yahoo fr
Re: Multiple Snorts (and PF_RING) livio Ricciulli
Re: RE : Re: RE : snort 2.9.2.3 not detecting skype Paul Halliday
Re: Bulk export? waldo kitty
Re: RE : Re: RE : snort 2.9.2.3 not detecting skype Jason Haar
Re: Bulk export? JoeSox

Wednesday, 11 July

Log File? Ronan
Snort on Windows Ronan
Re: [Ntop-misc] Snort and PF_RING stats Alfredo Cardigliano
Snort architecture Pratik Narang
Agentless AIX Joe Gedeon
Re: Snort architecture Tony Robinson
Install Snort2.9.2.3 and Snortsam Tran M. Thang
Re: Snort architecture Johnny Venter
FW: snort 2.9.8.3 not detecting skype Al Al
Re: Manual updates Russ Combs
Re: Install Snort2.9.2.3 and Snortsam kay
Re: FW: snort 2.9.8.3 not detecting skype kay
snort support for custom headers Morgan Yang
manual update of rules using pulledpork tadios tefera
Re: Manual updates Bryan A. Jones
Re: Install Snort2.9.2.3 and Snortsam kay
Re: manual update of rules using pulledpork JJC

Thursday, 12 July

Re: Manual updates Joel Esler
Re: Manual updates Bryan A. Jones
Proposed Signature - SPECIFIC-THREATS Blackhole landing page with specific structure yew chuan Ong
Re: Proposed Signature - SPECIFIC-THREATS Blackhole landing page with specific structure Nick Randolph
Re: manual update of rules using pulledpork tadios tefera
Sourcefire VRT Certified Snort Rules Update 2012-07-12 Research
Re: SHELLCODE_PORTS & double negatives. Richmond, Ian
Re: Snort not generating alerts Richmond, Ian
Snort2.9.2.3 PortScan and HTTP_INSPECT don't work Tran M. Thang
Re: Snort not generating alerts Pratik Narang

Friday, 13 July

Re: Snort not generating alerts Peter Bates
Snort/Banyard2 Logging Eric Luellen
Re: Snort/Banyard2 Logging beenph
unsubscribe jlarson () gogocast net
Portscan and http_inspect don't work with Snort2.9.2.3 on Debian Server Tran M. Thang
Re: unsubscribe Joel Esler
Re: Snort against DARPA Dataset Sravan Bhamidipati

Saturday, 14 July

Re: Snort against DARPA Dataset waldo kitty
Re: Snort against DARPA Dataset Joel Esler

Sunday, 15 July

sniffer detection Nagy Dániel
Re: sniffer detection Joel Esler
Logging Snort events to a SQL Server from Barnyard2 Michael Steele
SNORT daily report Maneesh Patel
Re: SNORT daily report Jeremy Hoel
Re: SNORT daily report Jamie

Monday, 16 July

Re: SNORT daily report Ian Bowers
Re: SNORT daily report Jamie Riden
Re: SNORT daily report Ian Bowers
Re: SNORT daily report Joel Esler
snort.stats analysis Castle, Shane
Re: Snort on Windows Joel Esler
Re: snort.stats analysis Joel Esler
Re: Snort against DARPA Dataset waldo kitty
Re: SNORT daily report waldo kitty
Re: snort.stats analysis waldo kitty
Re: snort.stats analysis waldo kitty
Re: snort.stats analysis Castle, Shane
Re: Snort on Windows Paul Schmehl
Re: Snort on Windows Michael Steele
Re: snort.stats analysis waldo kitty
Re: Snort on Windows waldo kitty
Re: snort.stats analysis waldo kitty
Re: snort.stats analysis JJ Cummings
Re: Snort on Windows Michael Stoico

Tuesday, 17 July

ERROR: dcerpc2: dce2_co.c(1952) Could not create DCE/RPC frag reassembled packet. Lukas Matt
Quick rule optimize request James Lay
Re: Quick rule optimize request Joel Esler
Re: Snort/Banyard2 Logging Eric Luellen
Re: Quick rule optimize request James Lay
request adding space on very old sid 541 please rmkml () yahoo fr
Sourcefire VRT Certified Snort Rules Update 2012-07-17 Research
Re: Snort/Banyard2 Logging beenph

Wednesday, 18 July

How to decide which rules should be enabled. Bravo Snipper
Re: How to decide which rules should be enabled. Jeremy Hoel
Re: How to decide which rules should be enabled. Tony Robinson
Re: How to decide which rules should be enabled. Tony Robinson
snort options too long make segmentation fault Liming Huang
Still Empty log file Yonas Abebe
PF-ring and snort performance Vinayak Malshetty
Re: Still Empty log file Lay, James
Snort 2.9.3 Now Available Snort Releases
Snort 2.9.3 Now Available Snort Releases
Re: snort options too long make segmentation fault Russ Combs
snort on one interface Adam
Re: snort on one interface Joel Esler
Re: snort on one interface Adam
Re: Pfring crashes the kernel with white lists. Peter Bates
Re: Pfring crashes the kernel with white lists. Seth Hall

Thursday, 19 July

Re: How to decide which rules should be enabled. Bravo Snipper
Re: Possible bug in compiling snort 2.9.2.3 Valentin Avram
Create rule to check illegal web access Antonin
Re: Create rule to check illegal web access Wei Chea Ang
Re: Create rule to check illegal web access Antonin
Re: Create rule to check illegal web access Wei Chea Ang
Re: How to decide which rules should be enabled. Lay, James
Re: Possible bug in compiling snort 2.9.2.3 Steven Sturges
Re: Create rule to check illegal web access Kevin Ross
Re: How to decide which rules should be enabled. Joel Esler
Re: How to decide which rules should be enabled. Lay, James
Re: How to decide which rules should be enabled. Castle, Shane
Re: snort on one interface Adam
Re: How to decide which rules should be enabled. JJC
Re: How to decide which rules should be enabled. Joel Esler
Re: Create rule to check illegal web access Josh Little
Re: Create rule to check illegal web access Antonin
Snort new install won't start Nabyl Benmlih
Re: Snort new install won't start Todd Wease
Re: Still Empty log file Yonas Abebe
Snort 2.9.3.0 - Some groups of rules missing from snort.conf Michael Steele
Sourcefire VRT Certified Snort Rules Update 2012-07-19 Research
little help with false positives? Henri Reinikainen

Friday, 20 July

Snort 2.9.3 Eric Luellen
Re: snort on one interface Balasubramaniam Natarajan
Re: Snort 2.9.3 Joel Esler
Re: Snort 2.9.3 Eric Luellen
Re: Snort 2.9.3 Joel Esler
Re: Snort 2.9.3.0 - Some groups of rules missing from snort.conf Joel Esler
Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf Joel Esler
Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf Weir, Jason
Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf Jamie Riden
Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf Joel Esler
Re: Snort 2.9.3 Tony Robinson
Snort 2.9.3 mysql schema missing? Weir, Jason
Re: Snort 2.9.3 mysql schema missing? Nick Moore
Re: Snort 2.9.3 Eric Luellen
Re: Snort 2.9.3 Joel Esler
Re: Snort 2.9.3 mysql schema missing? Joel Esler
Re: Snort 2.9.3 mysql schema missing? Weir, Jason
Re: Still Empty log file Yonas Abebe
Re: Still Empty log file Lay, James
Re: Still Empty log file JJ Cummings

Saturday, 21 July

Re: Still Empty log file Yonas Abebe
FP with pcre P and http_client_body + distance 0 ? Rm Kml
Re: Still Empty log file Jeremy Hoel

Sunday, 22 July

RE : FP with pcre P and http_client_body + distance 0 ? rmkml () yahoo fr
Re: Still Empty log file Yonas Abebe
RE : FP with pcre P and http_client_body + distance 0 ? rmkml () yahoo fr
Re: [Ntop-misc] Pfring crashes the kernel with white lists. Alfredo Cardigliano
Re: RE : FP with pcre P and http_client_body + distance 0 ? Joel Esler
Re: Still Empty log file Yonas Abebe

Monday, 23 July

CLI support for downloading DAQ Bryan A. Jones
Old file in daq releases Bryan A. Jones
Re: Old file in daq releases Joel Esler
Re: CLI support for downloading DAQ Joel Esler
http_header Andrew Torres
Re: http_header Joel Esler
Re: Snort new install won't start Nabyl Benmlih
Missing packets with by2 Jim Hranicky
PF_RING DAQ with Snort 2.9.3 compile errors Robert Vineyard
Fwd: Missing packets with by2 beenph
Re: Fwd: Missing packets with by2 Jim Hranicky
Re: Fwd: Missing packets with by2 beenph

Tuesday, 24 July

Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf JJC
Re: Fwd: Missing packets with by2 Jim Hranicky
Sourcefire VRT Certified Snort Rules Update 2012-07-24 Research
Re: Fwd: Missing packets with by2 beenph
Re: Snort new install won't start Joel Esler
Re: Snort new install won't start Nabyl Benmlih
Re: Fwd: Missing packets with by2 Jim Hranicky
Re: Snort new install won't start Joel Esler
Re: [barnyard2-users] Re: Fwd: Missing packets with by2 beenph
Re: [barnyard2-users] Re: Fwd: Missing packets with by2 Jim Hranicky
Re: [barnyard2-users] Re: Fwd: Missing packets with by2 beenph
Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf Michael Steele
Re: Snort 2.9.3.0 - Some groups of rules missing fromsnort.conf Joel Esler
FN with http_header and pcreH followed by same http_header+distance0... Rm Kml
Re: FN with http_header and pcreH followed by same http_header+distance0... Graham Bignell
Re: [barnyard2-users] Re: Fwd: Missing packets with by2 Jim Hranicky
Re: FN with http_header and pcreH followed by same http_header+distance0... Joel Esler
Re: [barnyard2-users] Re: Fwd: Missing packets with by2 beenph
How to write a snort rule match NO content GET or POST in http request Tran M. Thang
Best practices dealing with alerts Lahav Savir
Re: Snort-users Digest, Vol 74, Issue 60 Mohamed Talaat

Wednesday, 25 July

Re: Still Empty log file Yonas Abebe
Snort's modules Pratik Narang
Snort's modules Pratik Narang
Snort installation - restore mysql (snort-2.9.3). GITSS
Re: Snort installation - restore mysql (snort-2.9.3). Balasubramaniam Natarajan
Re: Snort installation - restore mysql (snort-2.9.3). Joel Esler
Re: Snort's modules Joel Esler
Re: Still Empty log file Jeremy Hoel
Re: Snort's modules Russ Combs
Re: Best practices dealing with alerts Joel Esler
Enormous increase in GZIP Decompression failures with 2.9.3 vs 2.9.2.3 on 64-bit Brett Edgar
Re: Snort-users Digest, Vol 74, Issue 60 Joel Esler
Re: Enormous increase in GZIP Decompression failures with 2.9.3 vs 2.9.2.3 on 64-bit Brett Edgar
Re: Snort installation - restore mysql (snort-2.9.3). Weir, Jason
Re: How to write a snort rule match NO content GET orPOST in http request Lay, James
Re: How to write a snort rule match NO content GET orPOST in http request Andrew Torres
Re: How to write a snort rule match NO content GET orPOST in http request Lay, James
Re: How to write a snort rule match NO content GET orPOST in http request Andrew Torres
Re: How to write a snort rule match NO content GET orPOST in http request Joel Esler
Snort HTTP Pre-processor issues Sharath Hiremagalore
Re: How to write a snort rule match NO content GET orPOST in http request Alex Kirk
Pulled Pork 403 Error Brandon Phelps
Re: Pulled Pork 403 Error Brandon Phelps
Re: Enormous increase in GZIP Decompression failures with 2.9.3 vs 2.9.2.3 on 64-bit Matt Watchinski
Re: Pulled Pork 403 Error Joel Esler

Thursday, 26 July

understand snort code--Where to start ? Bravo Snipper
TCP Syn performance test Jaime Nebrera
Re: Enormous increase in GZIP Decompression failures with 2.9.3 vs 2.9.2.3 on 64-bit Brett Edgar
ICMP type 8 code 80? Castle, Shane
Re: ICMP type 8 code 80? Ian Bowers
Re: ICMP type 8 code 80? Giles Coochey
Re: ICMP type 8 code 80? Giles Coochey
Re: ICMP type 8 code 80? Patterson, David R (IHS/HQ)
Re: ICMP type 8 code 80? Patterson, David R (IHS/HQ)
"http_client_body" rule not working Shaiming Hsiung
Re: How to write a snort rule match NO content GET or POST in http request Shaiming Hsiung
Re: How to write a snort rule match NO content GET or POST in http request Alex Kirk
Re: How to write a snort rule match NO content GET or POST in http request Shaiming Hsiung
option -o in snort 2.8.5.2-8 Diego Moronta
Re: "http_client_body" rule not working rmkml

Friday, 27 July

Re: Snort's modules Pratik Narang
Re: option -o in snort 2.8.5.2-8 Joel Esler
Dealing with Snort rules and signatures Pratik Narang
Re: Snort's modules Russ Combs
Re: "http_client_body" rule not working Shaiming Hsiung
Re: understand snort code--Where to start ? Russ Combs
Re: "http_client_body" rule not working rmkml
Using snort on eclipse mayssa jemel

Saturday, 28 July

Re: Still Empty log file Yonas Abebe
Re: [Snort-users] [Emerging-Sigs] ICMP type 8 code 80? Leonard P. Jacobs
Re: [Snort-users] [Emerging-Sigs] ICMP type 8 code 80? Leonard P. Jacobs
Performance test Hamid Reza Hasani
Bug; ts_print() reporting negative years before 2000 David Turnbull
Re: [Emerging-Sigs] ICMP type 8 code 80? Rajiv D
Re: Still Empty log file Jeremy Hoel

Sunday, 29 July

Snort on Solaris Rony Roy
Re: Snort on Solaris Balasubramaniam Natarajan
request enhance old sid 3193 please rmkml
Re: [Emerging-Sigs] request enhance old sid 3193 please Matt Jonkman
Re: How to write a snort rule match NO content GET or POST in http request Tran M. Thang

Monday, 30 July

problem with pulledpork Brickman Gonzalez, Sara
Dealing with Snort rules and signatures Pratik Narang
No alert on base 1.4.5 with sfportscan - snort 2.9.2.2 Dang Le Nam
Re: No alert on base 1.4.5 with sfportscan - snort 2.9.2.2 Joel Esler
Re: problem with pulledpork Joel Esler
Re: Still Empty log file Yonas Abebe
Re: No alert on base 1.4.5 with sfportscan - snort 2.9.2.2 Michael Steele
Re: Still Empty log file Jeremy Hoel
setting up snort Michael Brown
Re: setting up snort Joel Esler
Re: How to write a snort rule match NO content GET or POST in http request waldo kitty
Re: How to write a snort rule match NO content GET or POST in http request kay
Portscan traffic don't appear on BASE - snort 2.9.2.2 Dang Le Nam

Tuesday, 31 July

about http config 陆康
Re: about http config Joel Esler
How to see output snort rule TAG option? Tran M. Thang
Re: Still Empty log file Yonas Abebe

Wednesday, 01 August

Re: Portscan traffic don't appear on BASE - snort 2.9.2.2 Joel Esler
Re: How to see output snort rule TAG option? James Dickenson
Snort 2.9.x pcap & pfring Lawrence R. Hughes, Sr.
Barnyard - Database link down Steven Vona
Re: problem with pulledpork Joel Esler
Re: problem with pulledpork JJC
Re: "http_client_body" rule not working Shaiming Hsiung
Sourcefire VRT Certified Snort Rules Update 2012-08-01 Research

Thursday, 02 August

Snort and DPI Pratik Narang
Re: Snort and DPI Kevin Ross
Sourcefire VRT Certified Snort Rules Update 2012-08-02 Research

Friday, 03 August

PCRE and cross packet matching vpiserchia () gmail com
Re: PCRE and cross packet matching Patrick Mullen
Re: PCRE and cross packet matching Tony Robinson
Re: PCRE and cross packet matching Marcos Rodriguez
Re: Snort-sigs Digest, Vol 75, Issue 1 PR
Re: Snort-sigs Digest, Vol 75, Issue 1 PR
Re: Dealing with Snort rules and signatures Joel Esler
Re: Snort-sigs Digest, Vol 75, Issue 1 Joel Esler

Sunday, 05 August

Convert pcap file or snort log file to csv file to analysis, Dang Le Nam
IP- and Portvar buffer limit? William Sandin
Re: Convert pcap file or snort log file to csv file to analysis, Michael Wood
Re: IP- and Portvar buffer limit? Jeremy Hoel
Re: IP- and Portvar buffer limit? Will Metcalf
Compiling Barnyard with ./configure --with-mysql --with-postgresql Michael Steele
Re: [barnyard2-users] Compiling Barnyard with ./configure --with-mysql --with-postgresql beenph
Re: Compiling Barnyard with ./configure --with-mysql --with-postgresql Joel Esler
Re: [barnyard2-users] Compiling Barnyard with ./configure --with-mysql --with-postgresql Michael Steele
Re: [barnyard2-users] Compiling Barnyard with ./configure --with-mysql --with-postgresql beenph
Re: PCRE and cross packet matching Jason Haar
Is there a ruleset for breakingpoint malicious traffic? MuSung Kim
Re: IP- and Portvar buffer limit? William Sandin
Barnyard - Database link down Steven Vona
Re: Barnyard - Database link down beenph
Re: Barnyard - Database link down William Sandin
Re: Barnyard - Database link down beenph

Monday, 06 August

Re: PCRE and cross packet matching vpiserchia () gmail com
Re: PCRE and cross packet matching Joel Esler
Re: PCRE and cross packet matching Joel Esler
Re: Is there a ruleset for breakingpoint malicious traffic? C. Marshall
Rule thought James Lay
Re: Rule thought lists () packetmail net
Re: Rule thought James Lay
snort 2.9.x Barnyard2-1.9 Build without libpcap Lawrence R. Hughes, Sr.
Re: Rule thought lists () packetmail net
Re: snort 2.9.x Barnyard2-1.9 Build without libpcap beenph

Tuesday, 07 August

Snort Sam Pratik Narang
Problem rebuilding rpm from daq Budinich Galvez, Luis Alberto
Re: Snort Sam Joel Esler
Content-list rule option Jose Ortiz
Re: Content-list rule option Jeremy Hoel
Re: Content-list rule option Joel Esler
Sourcefire VRT Certified Snort Rules Update 2012-08-07 Research
Barnyard - Database link down Steven Vona

Wednesday, 08 August

preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Amm Snort
Re: Content-list rule option Jose Ortiz
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Russ Combs
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Amm Snort
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Russ Combs
Snort 2.9.3.1 Now Available Snort Releases
Snort 2.9.3.1 Now Available Snort Releases
A question on flows with pcaps James Lay
Re: A question on flows with pcaps Will Metcalf
Automated File Carving? Jefferson, Shawn
Re: Automated File Carving? Tim Covel
Re: Automated File Carving? Tony Robinson
Re: Automated File Carving? Marcos Rodriguez
Re: A question on flows with pcaps James Lay
Re: Automated File Carving? Maunu, Mark
Re: Automated File Carving? Doug Burks
Re: Automated File Carving? PS
ERROR: The dynamic detection library Jerry McCaslin
Re: ERROR: The dynamic detection library waldo kitty
[HITB-Announce] HITB Magazine Issue 009 - Call for Submissions Hafez Kamal
schemas not created Paul Sharon
Re: schemas not created Amm Snort
Re: schemas not created Heine Lysemose

Thursday, 09 August

snort 2.9.3 core dump on solaris 10 sparc Luis
Re: snort 2.9.3 core dump on solaris 10 sparc Todd Wease
Re: snort 2.9.3 core dump on solaris 10 sparc Luis
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Joel Esler
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Amm Snort
Re: Downloading older versions of snort Mike Cox
Re: [Emerging-Sigs] Downloading older versions of snort Joel Esler
Compiling PostgreSQL for Barnyard2 Michael Steele
Sourcefire VRT Certified Snort Rules Update 2012-08-09 Research
Spotify music app signature Ivan Raic

Friday, 10 August

redBorder IPS Manual Jaime Nebrera
Re: [Emerging-Sigs] Downloading older versions of snort Mike Cox
Re: [Emerging-Sigs] Downloading older versions of snort Joel Esler
Re: [Emerging-Sigs] Downloading older versions of snort Mike Cox
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Amm Snort
Re: preprocessor normalize_tcp: ips ecn stream dropping SYN retransmission Russ Combs
Re: [Emerging-Sigs] Downloading older versions of snort Mike Cox
Re: [Emerging-Sigs] Downloading older versions of snort Joel Esler
Re: [Emerging-Sigs] Downloading older versions of snort Joel Esler
Re: [Emerging-Sigs] Downloading older versions of snort Mike Cox
Re: [Emerging-Sigs] Downloading older versions of snort Mike Cox
Re: [Emerging-Sigs] Downloading older versions of snort Joel Esler
Re: [Emerging-Sigs] Downloading older versions of snort JP Vossen
Re: [Emerging-Sigs] Downloading older versions of snort Joel Esler
Error when running snort_inline 2.6.1.5 on Centos x86-64 Dang Le Nam
Re: Error when running snort_inline 2.6.1.5 on Centos x86-64 Will Metcalf

Sunday, 12 August

Re: [Emerging-Sigs] Downloading older versions of snort Logan Anderson
Installing & Configuring snort Damien Hull

Monday, 13 August

Question About Variables Nicholas Horton
problem with using snort to log in MS SQL server on another machine Asieh Mokarian
Fw: Re: hi, I'd like to use portscan preprocessor for detect nmap scan, But it' can't works, could you give me some hint? many thx! 韩方
false positives Mit lincoln laboratory and snort signatures Negin Nickparsa
Re: Installing & Configuring snort Peter Bates
Re: Snort-users Digest, Vol 75, Issue 15 Dang Le Nam
Re: problem with using snort to log in MS SQL server on another machine waldo kitty

Tuesday, 14 August

Re: problem with using snort to log in MS SQL server on another machine Michael Steele
Multi-process Snort Pratik Narang
Re: problem with using snort to log in MS SQL server on another machine Joel Esler
Rules and Tuning Steven Vona
Re: false positives Mit lincoln laboratory and snort signatures Jefferson, Shawn
Re: Multi-process Snort Marcos Rodriguez
Re: Rules and Tuning JJC
Re: Rules and Tuning Tony Robinson
Re: Multi-process Snort Nikolai Preminin
Re: Multi-process Snort Robert Vineyard
Sourcefire VRT Certified Snort Rules Update 2012-08-14 Research

Wednesday, 15 August

Understanding within James Lay
Re: Understanding within lists () packetmail net
Re: Understanding within James Lay
Re: Understanding within Joel Esler
Re: Understanding within lists () packetmail net
Re: Understanding within James Lay
Re: Understanding within lists () packetmail net
Re: Understanding within Joel Esler
Re: Understanding within James Lay
Sourcefire VRT Certified Snort Rules Update 2012-08-15 Research

Thursday, 16 August

Failed to parse the IP address: $HOME_NET Chiesa Stefano
Re: Failed to parse the IP address: $HOME_NET Lay, James
Re: Failed to parse the IP address: $HOME_NET Joel Esler
Re: Failed to parse the IP address: $HOME_NET Dave Venman
Fwd: cve-2010-1635 detection THG
Re: [Snort-users] Multi-process Snort Joel Esler
Re: Failed to parse the IP address: $HOME_NET Craft, Robert
Re: Failed to parse the IP address: $HOME_NET John Gay
Re: Rules and Tuning Steven Vona
Re: Rules and Tuning Joel Esler
Re: false positives Mit lincoln laboratory and snort signatures Joel Esler
Re: Rules and Tuning JJ Cummings
Hot News: Barnyard2 is now on Windows! Michael Steele

Friday, 17 August

Re: Fwd: cve-2010-1635 detection Balasubramaniam Natarajan
Re: Fwd: cve-2010-1635 detection Joel Esler
Re: [Snort-users] Multi-process Snort Pratik Narang
Re: Multi-process Snort Peter Bates
R: Failed to parse the IP address: $HOME_NET - [[]] Chiesa Stefano
Barnyard2 giving issues after upgrading system Pratik Narang
Re: Multi-process Snort Mitesh Jadia
Re: Barnyard2 giving issues after upgrading system beenph
Re: unsubscribe Shanks
Re: unsubscribe Russ Combs
Re: Content-list rule option Joel Esler
Re: unsubscribe Joel Esler
Re: Automated File Carving? Joel Esler
Re: Automated File Carving? Jefferson, Shawn
Re: Automated File Carving? Joel Esler
(no subject) Gautham Rachaiah

Saturday, 18 August

Re: Fwd: cve-2010-1635 detection Balasubramaniam Natarajan
snort sensor placement-packet decoding issues hamid alaei
FreeBSD and alert_unixsock Daniel Merritt
Expect Script Nicholas Horton
Re: Expect Script Joel Esler

Sunday, 19 August

Re: Expect Script Nicholas Horton
Expect Script Nicholas Horton
I'd like to be able to post to this list - auth me? thanks Pete PR
Re: [Snort-sigs] Snort-sigs Digest, Vol 75, Issue 1 PR
Is there a 64bit version of Snort 2.9.3 available for download from snort.org? PR
Re: Is there a 64bit version of Snort 2.9.3 available for download from snort.org? JJ Cummings
Re: Your message to Snort-sigs awaits moderator approval PR
Re: I'd like to be able to post to this list - auth me? thanks Pete Joel Esler
WEB-MISC backup access yew chuan Ong

Monday, 20 August

Snort 2.9.3.1 / Barnyard2 2.1.9 Problem Berndt, Achim
SNORT (snortsam) integration with Checkpoint NGX R65 Chiesa Stefano
Re: Snort 2.9.3.1 / Barnyard2 2.1.9 Problem beenph
Re: [Snort-sigs] Snort-sigs Digest, Vol 75, Issue 1 Victor Roemer
Re: SNORT (snortsam) integration with Checkpoint NGX R65 Joel Esler
Re: WEB-MISC backup access Joel Esler
R: SNORT (snortsam) integration with Checkpoint NGXR65 - [[]] Chiesa Stefano
Issues with install Snort 2.9.3.1 Barnyard2 -1.9 Jimmy Ford
Re: Issues with install Snort 2.9.3.1 Barnyard2 -1.9 waldo kitty
Re: WEB-MISC backup access yew chuan Ong
WinSnort.com News: New Guided Install for Compiling Barnyard2 on Windows have arrived! Michael Steele

Tuesday, 21 August

snort classification Question mohamad hosein jafari
Adobe Flash outdated Paul Cable
Netflix Paul Cable
Re: Adobe Flash outdated Castle, Shane
Re: Adobe Flash outdated Paul Cable
Re: snort classification Question mohamad hosein jafari
Re: FreeBSD and alert_unixsock Joel Esler
Re: snort classification Question Joel Esler
Re: Netflix Joel Esler
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question Joel Esler
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question Joel Esler
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question mohamad hosein jafari
Re: Netflix Paul Cable
Re: [barnyard2-users] WinSnort.com News: New Guided Install for Compiling Barnyard2 on Windows have arrived! beenph
Re: Netflix Joel Esler
Re: Adobe Flash outdated Castle, Shane
Re: snort classification Question Joel Esler
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question Joel Esler
Re: snort classification Question waldo kitty
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question Mike Hale
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question Mike Hale
Re: snort classification Question beenph
Re: snort classification Question mohamad hosein jafari
Re: Adobe Flash outdated Paul Cable
R: SNORT (snortsam) integration with Checkpoint NGX R65 - [[]] Chiesa Stefano

Wednesday, 22 August

Re: snort classification Question mohamad hosein jafari
Re: Adobe Flash outdated Edward Fjellskål
False positives Philip Edwards
Re: snort classification Question James Lay
Ethernet Frames hamid alaei
Re: snort classification Question Joel Esler
Re: False positives Joel Esler
Re: Adobe Flash outdated Joel Esler
Re: SNORT (snortsam) integration with Checkpoint NGX R65 - [[]] Joel Esler
Sourcefire VRT Certified Snort Rules Update 2012-08-22 Research
Snort SIP Preprocessor error Jesse Whyte
Snort Installed fine but daemon will not run Jimmy Ford
Re: Snort Installed fine but daemon will not run Jeremy Hoel
Re: Snort Installed fine but daemon will not run Heine Lysemose
Re: Snort Installed fine but daemon will not run Weir, Jason
Re: Snort Installed fine but daemon will not run Jimmy Ford
Re: Snort Installed fine but daemon will not run Jimmy Ford
Re: Snort Installed fine but daemon will not run Jeremy Hoel
Re: Snort Installed fine but daemon will not run Jimmy Ford
Stream5 Nicholas Horton
Re: Snort Installed fine but daemon will not run Jeremy Hoel
Re: Snort Installed fine but daemon will not run Jimmy Ford
Re: RE : Snort SIP Preprocessor error Jesse Whyte
Re: Snort Installed fine but daemon will not run Peter Bates
Re: Stream5 Edward Fjellskål
Autosnort v1 for Ubuntu 12.04 Tony Robinson
Re: Snort SIP Preprocessor error Joel Esler
turnkey snort system? MLP SCADA
Re: turnkey snort system? Tony Robinson
Re: turnkey snort system? Joel Esler
Re: turnkey snort system? MLP SCADA
Re: turnkey snort system? Marcos Rodriguez
Re: turnkey snort system? MLP SCADA
Re: Stream5 Nicholas Horton
Re: snort classification Question mohamad hosein jafari
What do I need to configure in snort.conf to protect against segmentation attacks? Emeka Agu

Thursday, 23 August

Ethernet Frames hamid alaei
Triggering some rules Pratik Narang
Test Snort Márcio Erli
Re: Test Snort Tony Robinson
Re: Gripe - Snort "other" downloads not signed/hashed Joel Esler
Re: Gripe - Snort "other" downloads not signed/hashed Tony Robinson
Sourcefire VRT Certified Snort Rules Update 2012-08-23 Research
snort 2.9.2.2 undefined symbols, and no data Jeffrey Jilg
Re: Test Snort Márcio Erli
Re: Stream5 Nicholas Horton
Re: [Emerging-Sigs] Hungry and tired Joel Esler
Re: Stream5 ARAI Shun-ichi
Re: snort classification Question waldo kitty
pcaps for triggering rules Pratik Narang
Re: pcaps for triggering rules waldo kitty
Re: pcaps for triggering rules Tony Robinson

Friday, 24 August

Re: pcaps for triggering rules Gmail Personal
Re: pcaps for triggering rules Tony Robinson
Re: pcaps for triggering rules Pratik Narang
Re: pcaps for triggering rules Peter Bates
Re: pcaps for triggering rules Heine Lysemose
Re: pcaps for triggering rules Gmail Personal
Re: pcaps for triggering rules Gmail Personal
suppressing all signatures from a particular generator James Davis
Snort 2.9.2.2 is now End-Of-Lifed Joel Esler
Stream5 Nicholas Horton
snort not logging Pardeep Dhiman
Re: pcaps for triggering rules Pratik Narang
Re: pcaps for triggering rules Joel Esler
Re: suppressing all signatures from a particular generator Victor Roemer
Re: pcaps for triggering rules Sunny James Fugate
Re: pcaps for triggering rules Pratik Narang
Re: pcaps for triggering rules Joel Esler
Re: pcaps for triggering rules Joel Esler
byte_test question harry.tuttle
Snort Labs and conf files for 2.9.3.1? Weir, Jason
Snort IDS vs my firewall Pratik Narang
Re: Snort Labs and conf files for 2.9.3.1? Joel Esler
Re: byte_test question Joel Esler
PulledPork modifysid issue Castle, Shane
Re: PulledPork modifysid issue Joel Esler
Re: Snort IDS vs my firewall Joel Esler
Re: PulledPork modifysid issue Castle, Shane
Re: byte_test question harry.tuttle
Re: snort not logging Tony Robinson
Re: byte_test question Joel Esler
Snort 2.9.3.1 / Barnyard2 2.1.10 / Base 1.4.5 -> view alert problem Berndt, Achim
Re: Snort 2.9.3.1 / Barnyard2 2.1.9 Problem Berndt, Achim
Configuring Snort Damien Hull
Re: Configuring Snort Marcos Rodriguez
Re: PulledPork modifysid issue Castle, Shane
Quick rebots sig James Lay
(no subject) joecat28
Re: Configuring Snort Damien Hull
Re: Configuring Snort Damien Hull
Re: snort classification Question mohamad hosein jafari
Re: snort classification Question Jeremy Hoel
Re: snort classification Question Mike Hale
Re: snort classification Question mohamad hosein jafari
Re: Configuring Snort Tony Robinson

Saturday, 25 August

Re: Snort 2.9.3.1 / Barnyard2 2.1.9 Problem Berndt, Achim
Re: Configuring Snort Joel Esler
Re: Snort IDS vs my firewall Pratik Narang
Snort weird behaviour Balasubramaniam Natarajan
Re: snort classification Question waldo kitty
Re: Snort weird behaviour waldo kitty
Re: Stream5 Nicholas Horton
Re: snort classification Question Mike Hale
Re: Snort weird behaviour Joel Esler
Re: snort classification Question waldo kitty
Re: snort classification Question mohamad hosein jafari
Re: Snort weird behaviour Balasubramaniam Natarajan

Sunday, 26 August

Re: What do I need to configure in snort.conf to protect against segmentation attacks? Emeka Agu
Re: What do I need to configure in snort.conf to protect against segmentation attacks? Gmail Personal
Re: Snort weird behaviour Joel Esler
Re: Snort IDS vs my firewall Joel Esler
Re: Snort IDS vs my firewall Pratik Narang
Snort not seeing traffic Pratik Narang

Monday, 27 August

Re: What do I need to configure in snort.conf to protect against segmentation attacks? Emeka Agu
Re: Snort Labs and conf files for 2.9.3.1? Weir, Jason
Re: Snort Labs and conf files for 2.9.3.1? Joel Esler
Re: What do I need to configure in snort.conf to protect against segmentation attacks? Joel Esler
Re: Snort Labs and conf files for 2.9.3.1? Weir, Jason
Re: Snort Labs and conf files for 2.9.3.1? Joel Esler
Re: Snort not seeing traffic Jeremy Hoel
Re: Quick rebots sig Joel Esler
Re: Quick rebots sig lists () packetmail net
Re: Quick rebots sig James Lay
Re: Quick rebots sig lists () packetmail net
Re: Quick rebots sig Joel Esler
Re: What do I need to configure in snort.conf to protect against segmentation attacks? Joel Esler
Re: Quick rebots sig James Lay
Re: Snort not seeing traffic Pratik Narang

Tuesday, 28 August

Re: Snort not seeing traffic Jeremy Hoel
rules for new Java 0-day? John York
Re: rules for new Java 0-day? JJ Cummings
Pulled Pork Nicholas Horton
Re: Pulled Pork JJC
Re: Pulled Pork Nicholas Horton
Re: Pulled Pork Castle, Shane
Re: Pulled Pork JJC
Re: Pulled Pork Jeremy Hoel
Re: Pulled Pork JJ Cummings
Sourcefire VRT Certified Snort Rules Update 2012-08-28 Research
Re: Pulled Pork Nicholas Horton
Re: rules for new Java 0-day? Joel Esler
Compiling Barnyard2 Win-32 - Scripted Compiling added Michael Steele
pcap comparison too; David Wilson

Wednesday, 29 August

Re: suppressing all signatures from a particular generator James Davis
Re: Snort not seeing traffic Pratik Narang
snort admin interface GUI type Rina Rina
Re: snort admin interface GUI type Heine Lysemose
which rules to load ? Pratik Narang
Re: Snort not seeing traffic Peter Bates
Re: snort admin interface GUI type Jaime Nebrera
Re: snort admin interface GUI type Paul Halliday
Re: snort admin interface GUI type Jaime Nebrera
Re: snort admin interface GUI type Paul Halliday
Re: snort admin interface GUI type Jaime Nebrera
Re: which rules to load ? Peter Bates
what is difference mohamad hosein jafari
Re: what is difference Joel Esler
Re: pcap comparison too; Joel Esler
snorby, squert, BASE and sguil stopped except Snort daisung choi
Re: snorby, squert, BASE and sguil stopped except Snort Doug Burks
Re: which rules to load ? Jefferson, Shawn
Re: snorby, squert, BASE and sguil stopped except Snort Jefferson, Shawn
Disabled rule still alerting Tony Reusser
Re: Disabled rule still alerting Tony Reusser
Re: Disabled rule still alerting Tony Reusser
Re: Disabled rule still alerting Joel Esler
Low hanging fruit - inforet James Lay
Re: Disabled rule still alerting - UPDATE - FIXED ! Tony Reusser
Re: Low hanging fruit - inforet lists () packetmail net
Snort + PF_RING + DAQ Eric Luellen
Re: Disabled rule still alerting - UPDATE - FIXED ! Joel Esler
Email Nicholas Horton
Re: Low hanging fruit - inforet James Lay
Re: suppressing all signatures from a particular generator Victor Roemer
Re: Low hanging fruit - inforet Joel Esler
Re: Email Joel Esler
Re: Low hanging fruit - inforet James Lay
Re: Email Horton, Nicholas A - Merrifield, VA - Contractor
Re: Email Greg Williams
Re: Email Nicholas Horton
Re: Email Greg Williams
Re: Email Jason Haar
Re: Email Bill Mathews
Re: what is difference mohamad hosein jafari
Re: what is difference Joel Esler

Thursday, 30 August

Large receive offload, good or bad? elof
Re: suppressing all signatures from a particular generator James Davis
How to check snort rules syntax using snortvalidator Tran M. Thang
Re: Snort + PF_RING + DAQ Eric Luellen
DAQ module for Endace cards William Allison
Re: Large receive offload, good or bad? Joel Esler
Snort.org Blog: Rule Category Reorganization Phase 2 Joel Esler
Re: Snort.org Blog: Rule Category Reorganization Phase 2 lists () packetmail net
Re: Large receive offload, good or bad? Peter Bates
Re: Snort + PF_RING + DAQ Peter Bates
Re: [Snort-sigs] Snort.org Blog: Rule Category Reorganization Phase 2 Joel Esler
Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Eric Biederman
Re: Email Nicholas Horton
Re: Email Nicholas Horton
Re: Email Nicholas Horton
Re: Snort + PF_RING + DAQ livio Ricciulli
Sourcefire VRT Certified Snort Rules Update 2012-08-30 Research
Downloading Snort 2.9.3.0 Damien Hull
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Jeremy Hoel
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue beenph
mystery alerts Tony Reusser
Re: mystery alerts James Lay
Swatch Nicholas Horton

Friday, 31 August

Re: Snort-users Digest, Vol 75, Issue 79 Stefano Debenedetti
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Eric Biederman
Variables Michael Brown
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue beenph
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Joel Esler
Re: Variables Joel Esler
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Jeremy Hoel
Re: Downloading Snort 2.9.3.0 Joel Esler
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Joel Esler
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue beenph
Re: Variables Michael Brown
Size of $HOME_NET Peter Bates
Re: Variables Joel Esler
Re: Variables Michael Brown
Re: Variables Joel Esler
Re: Size of $HOME_NET Joel Esler
Re: Snort 2.9.3.1, Barnyard2 2.9.1 and Mysql issue Eric Biederman
PCRE recursion limit override related segv... Will Metcalf
Re: PCRE recursion limit override related segv... Joel Esler
Re: PCRE recursion limit override related segv... Joel Esler
Re: PCRE recursion limit override related segv... Steven Sturges
Re: PCRE recursion limit override related segv... Will Metcalf
Quick Kuluoz sig James Lay
Re: Quick Kuluoz sig Joel Esler

Saturday, 01 September

Error plugin snort performance on munin project Dang Le Nam
Frag3 timeout ignored Gmail Personal
Re: Frag3 timeout ignored waldo kitty

Sunday, 02 September

Re: Frag3 timeout ignored Emeka Agu
Re: Frag3 timeout ignored waldo kitty

Monday, 03 September

Programming output module Nikolai Preminin
Problem Compiling Snort! Arshan Awais

Tuesday, 04 September

virus.rules file Pratik Narang
Re: virus.rules file Joel Esler
Re: Problem Compiling Snort! Victor Roemer
Re: Problem Compiling Snort! Victor Roemer
Re: Snort + PF_RING + DAQ Jack
Re: Snort + PF_RING + DAQ livio Ricciulli
Re: Snort + PF_RING + DAQ Joel Esler
Re: Snort + PF_RING + DAQ Peter Bates
Re: Snort + PF_RING + DAQ Joel Esler
Re: Snort + PF_RING + DAQ Joel Esler
Re: Snort + PF_RING + DAQ Livio Ricciulli
Sourcefire VRT Certified Snort Rules Update 2012-09-04 Research
Re: Snort + PF_RING + DAQ Peter Bates
Multiple Instances of Snort and Barnyard2 Startup script Jack
Re: Snort + PF_RING + DAQ beenph
Re: Multiple Instances of Snort and Barnyard2 Startup script beenph
Re: Snort + PF_RING + DAQ livio Ricciulli
Re: Snort + PF_RING + DAQ beenph
Re: Snort + PF_RING + DAQ livio Ricciulli
Re: Snort + PF_RING + DAQ Luca Deri
Re: Snort + PF_RING + DAQ livio Ricciulli
Re: Snort + PF_RING + DAQ Joel Esler

Wednesday, 05 September

Snort's architecture Pratik Narang
Re: Snort + PF_RING + DAQ Peter Bates
stream5 and http_inspect Pratik Narang
Re: stream5 and http_inspect Joel Esler
Re: stream5 and http_inspect Jack
Problems compiling SnortSam on OpenBSD ML mail
Re: Problems compiling SnortSam on OpenBSD Joel Esler
Re: Problems compiling SnortSam on OpenBSD ML mail
Re: Problems compiling SnortSam on OpenBSD Jeff Kell
Re: Problems compiling SnortSam on OpenBSD Joel Esler

Thursday, 06 September

Re: Snort + PF_RING + DAQ Peter Bates
Re: Snort + PF_RING + DAQ Joel Esler
Warning: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. jtravlos
Is snort.org down? Steve Sandington
Re: Warning: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. Lay, James
Re: Is snort.org down? Joel Esler
Re: Warning: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. Jack
False positives/Oink Code/Oinkmaster vs Pulled Pork? PR
here is a screenshot. sorry! i forgot to attach PR
Re: False positives/Oink Code/Oinkmaster vs Pulled Pork? Joel Esler
Re: Warning: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. jtravlos
Rule thoughts James Lay
Re: Rule thoughts Joel Esler
Re: Rule thoughts James Lay
Re: Rule thoughts lists () packetmail net
Re: Rule thoughts James Lay
Sourcefire VRT Certified Snort Rules Update 2012-09-06 Research
Re: Rule thoughts rmkml
Re: Rule thoughts James Lay
Re: Rule thoughts James Lay
Re: Snort's architecture Tony Robinson
Re: Snort's architecture dandantheitman
Re: Snort's architecture JJC

Friday, 07 September

Re: Multiple Instances of Snort and Barnyard2 Startup script Jack
Dynamic Preprocessor example does not make alert why? Yoshimasa Obana
Re: Dynamic Preprocessor example does not make alert why? Martin Schütte
Re: Multiple Instances of Snort and Barnyard2 Startup script Jack
Re: Rule thoughts waldo kitty
Re: Snort's architecture waldo kitty
Re: Dynamic Preprocessor example does not make alert why? Joel Esler
Re: Snort's architecture Victor Roemer
Couple sigs James Lay
Re: typical errors when trying pulledpork Joel Esler
Re: Snort's architecture waldo kitty
Re: typical errors when trying pulledpork PR
Re: [Snort-users] Snort-users Digest, Vol 76, Issue 16 c_mullins702000 () yahoo com
Snort 2.9.3.1 - Barnyard2 - BASE 1.4.5 PostgreSQL 9.1.4 - Viewing events gives error Michael Steele
Re: Snort-users Digest, Vol 76, Issue 16 Joel Esler
Re: typical errors when trying pulledpork Joel Esler

Saturday, 08 September

Help with Alerts Pratik Narang
Re: Help with Alerts Joel Esler
Re: typical errors when trying pulledpork PR
Re: typical errors when trying pulledpork PR
Re: typical errors when trying pulledpork PR
typical errors when trying pulledpork PR
Re: typical errors when trying pulledpork PR
Warning: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. jtravlos
Re: typical errors when trying pulledpork Joel Esler
Re: Warning: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. Jack
Re: typical errors when trying pulledpork Jack
Posting H Phillips
Re: [Snort-sigs] typical errors when trying pulledpork waldo kitty
Re: Help with Alerts waldo kitty
Re: [Snort-sigs] typical errors when trying pulledpork Eric G
BASE Error: base_qry_alert.php:535: db->DB->MetaColumnNames('data') is NOT an array. Ignoring. Michael Steele
Output database option - Back in? Michael Steele
Re: Output database option - Back in? Victor Roemer
Re: typical errors when trying pulledpork PR

Sunday, 09 September

Re: [Snort-sigs] typical errors when trying pulledpork PR
Re: Output database option - Back in? PR
Re: Output database option - Back in? PR
Help with Alerts Pratik Narang
how to change mailto address leon () kingdest com
Fwd: how to change mailto address leon () kingdest com
Re: Help with Alerts James Lay
where can i download BASE? leon () kingdest com
Re: typical errors when trying pulledpork Joel Esler
Re: where can i download BASE? Eric G
Re: typical errors when trying pulledpork waldo kitty
Re: Help with Alerts waldo kitty
Re: how to change mailto address waldo kitty
Re: Help with Alerts waldo kitty
Re: Help with Alerts Joel Esler
Re: Fwd: how to change mailto address Joel Esler
Re: Help with Alerts Michael Steele
Re: Help with Alerts Joel Esler
Re: Help with Alerts Michael Steele
Re: Help with Alerts Joel Esler
snort inline with jumbo frame Sheng-Hao Wang
Re: where can i download BASE? Pratik Narang

Monday, 10 September

Fwd: Help with Alerts Joel Esler
Re: Couple sigs Alex Kirk
Re: Couple sigs Alex Kirk
snort ips Tom Hangstin
snort inline with jumbo frame Sheng-Hao Wang
Re: PostgreSQL problem Michael Steele
Re: Couple sigs James Lay
Re: snort inline with jumbo frame Russ Combs
Re: Couple sigs Alex Kirk
Re: Couple sigs James Lay
Re: Couple sigs lists () packetmail net
Re: Couple sigs Alex Kirk
Re: Couple sigs lists () packetmail net
threshold.conf not working? Miguel Alvarez
Re: threshold.conf not working? Russ Combs
Re: threshold.conf not working? James Lay
why didn't receive daily snort report leon () kingdest com
Re: threshold.conf not working? Miguel Alvarez
Unknown ClassType Brian Swan
Re: Unknown ClassType Alex Kirk
(no subject) H Phillips
No alerts in BASE H Phillips
Re: snort inline with jumbo frame Jack
Re: why didn't receive daily snort report Peter Bates
Re: Snort + PF_RING + DAQ Luca Deri
Re: snort inline with jumbo frame Sheng-Hao Wang
What is this I see? Pratik Narang

Tuesday, 11 September

Re: snort inline with jumbo frame Russ Combs
Snort Process Forking Turnbough, Bradley E.
Monitoring via bonded interfaces; allowed or problematic? Turnbough, Bradley E.
Re: Up and Running Joel Esler
Re: Snort-sigs Digest, Vol 76, Issue 14 Joel Esler
Re: Up and Running Joel Esler
Sourcefire VRT Certified Snort Rules Update 2012-09-11 Research
Re: Snort-sigs Digest, Vol 76, Issue 14 PR
Re: Snort Process Forking Joel Esler
Import data from wireshark to Snort Nhok Maruko
Re: Import data from wireshark to Snort Lay, James
Re: Snort-sigs Digest, Vol 76, Issue 14 waldo kitty
Re: What is this I see? Joel Esler
Re: What is this I see? waldo kitty
Re: Up and Running Joel Esler
Re: Import data from wireshark to Snort waldo kitty
Re: Import data from wireshark to Snort PR
Re: Output database option - Back in? Joel Esler
Re: Output database option - Back in? Michael Steele
Interesting Project for a 6-month Internship Martin Haug
Re: Interesting Project for a 6-month Internship Russ Combs
Re: Dynamic Preprocessor example does not make alert why? Yoshimasa Obana

Wednesday, 12 September

snortviz: new snort alert graph tool Pat John
New Snort Sensor Implementation Turnbough, Bradley E.
Internal Network vs. External Network Turnbough, Bradley E.
Re: Internal Network vs. External Network Peter Bates
Re: Internal Network vs. External Network Giles Coochey
Snort dropping more packets than it received Scott Finlon
Re: Snort dropping more packets than it received Peter Bates
Re: Snort dropping more packets than it received Scott Finlon
HTTP Inspect Statistics Neha Chriss
Re: HTTP Inspect Statistics Joel Esler
Re: Internal Network vs. External Network Joel Esler
Re: New Snort Sensor Implementation Joel Esler
Re: Interesting Project for a 6-month Internship Martin Haug
Offer rule for detect lastest Bind vulnerability rmkml
Low hanging fruit #2 James Lay
Re: Monitoring via bonded interfaces; allowed or problematic? Jeremy Hoel

Thursday, 13 September

Using PP Pratik Narang
Re: Using PP Heine Lysemose
Re: Using PP Pratik Narang
Re: Using PP Heine Lysemose
Re: Using PP Pratik Narang
Re: Using PP Peter Bates
Query on webroot Balasubramaniam Natarajan
IDS / IPS Bake time Turnbough, Bradley E.
Re: IDS / IPS Bake time Peter Bates
Re: Using PP John York
Re: Low hanging fruit #2 Joel Esler
Re: Low hanging fruit #2 James Lay
Re: Using PP Michael Steele
Re: Low hanging fruit #2 Joel Esler
Sourcefire VRT Certified Snort Rules Update 2012-09-13 Research
Question about alert logging Francois Gaudreault
Puppetizing snort Michael Brown
Re: snort syslog output support Randal T. Rioux

Friday, 14 September

Re: snort syslog output support James Lay
problems with PP Pratik Narang
Re: problems with PP Pratik Narang
Re: problems with PP Peter Bates
Re: problems with PP Michael Steele
Re: problems with PP Joel Esler
Re: problems with PP Michael Steele
Re: problems with PP Joel Esler
Re: I'm getting close, I smell more bacon Joel Esler
Re: I'm getting close, I smell more bacon JJC
What kernel should I run? Miguel Alvarez
Re: What kernel should I run? Jeremy Hoel

Saturday, 15 September

I'm so close I smell Bacon... little more help thanks! PR
I'm getting close, I smell more bacon PR
Help with a signature Wilson, Dave
Re: I'm getting close, I smell more bacon PR
Re: Help with a signature Jamie Riden
Re: I'm so close I smell Bacon... little more help thanks! James Lay
Re: I'm so close I smell Bacon... little more help thanks! JJC
Re: I'm so close I smell Bacon... little more help thanks! James Lay
[Snort-user] Can not receive daily report leon () kingdest com
Re: Help with a signature Alex Kirk
Re: Help with a signature Jamie

Sunday, 16 September

External DAQ Module : DAQ_PCAP_SPOOLER v1.0b beenph

Monday, 17 September

Problem With Snort shadab
Snort Unified2 File Format Dheeraj Gupta
Updating Rules with PulledPork and no outside connection Michael Steele
New IE Zero Day yew chuan Ong
Re: Problem With Snort Joel Esler
Re: [Emerging-Sigs] New IE Zero Day yew chuan Ong
Updating Rules with PulledPork in Offline mode Michael Steele
Re: Updating Rules with PulledPork in Offline mode Lay, James
Re: Updating Rules with PulledPork and no outside connection JJ Cummings
Output Module Nikolai Preminin
Re: Updating Rules with PulledPork and no outsid connection Dheeraj Gupta
Re: I'm so close I smell Bacon... little more help thanks! JJ Cummings
Sourcefire VRT Certified Snort Rules Update 2012-09-17 Research
Re: Updating Rules with PulledPork and no outside connection Michael Steele

Tuesday, 18 September

Automatically block IP on firewall box from snort IDS ML mail
Metasploit exploits on Snort Pratik Narang
Re: Automatically block IP on firewall box from snort IDS Kevin Ross
Re: Automatically block IP on firewall box from snort IDS Pratik Narang
write PCRE rule minhtamnw
Re: Automatically block IP on firewall box from snort IDS ML mail
Re: Automatically block IP on firewall box from snort IDS Kevin Ross
Re: Updating Rules with PulledPork and no outside connection Michael Steele
Malicious UA sig thoughts James Lay
Re: Malicious UA sig thoughts lists () packetmail net
Re: Unified2 Joel Esler
Re: Automatically block IP on firewall box from snort IDS Joel Esler
Re: Malicious UA sig thoughts James Lay
Re: Malicious UA sig thoughts Joel Esler
Re: Metasploit exploits on Snort JJC
Re: Automatically block IP on firewall box from snort IDS beenph
Re: Updating Rules with PulledPork and no outside connection JJC
how to set domain alias in postfix+postfixadmin Leon
Re: how to set domain alias in postfix+postfixadmin JJC
Re: Metasploit exploits on Snort Joel Esler
Re: write PCRE rule Lay, James
Why i cann't receive daily report snort daily report? Leon
Re: Automatically block IP on firewall box from snort IDS ML mail
Sourcefire VRT Certified Snort Rules Update 2012-09-18 Research
why i cann't receive daily report snort daily report? Leon
Re: Updating Rules with PulledPork and no outside connection Michael Steele
Having an issue with Snort Report Nick Moore
Re: Automatically block IP on firewall box from snort IDS John Ives
Re: Metasploit exploits on Snort Pratik Narang
Re: Malicious UA sig thoughts James Lay

Wednesday, 19 September

Snort - failed to load snort_dynamicrules TermVRL M
Re: Updating Rules with PulledPork and no outside connection Michael Steele
Re: Snort - failed to load snort_dynamicrules Joel Esler
Re: Updating Rules with PulledPork and no outside connection JJ Cummings
logging to syslog Benjamin Lincoln
Re: logging to syslog JJC
Re: logging to syslog Michael Steele
Re: logging to syslog Benjamin Lincoln
Re: Updating Rules with PulledPork and no outside connection JJC
Re: Snort Rules Joel Esler
Re: Updating Rules with PulledPork and no outside connection Michael Steele
Re : Re: logging to syslog Rm Kml
Re: Updating Rules with PulledPork and no outside connection JJC
Quick uricontent question James Lay
Re: Updating Rules with PulledPork and no outside connection Michael Steele
Re: Quick uricontent question lists () packetmail net
Re: Quick uricontent question James Lay
Re: Updating Rules with PulledPork and no outside connection JJC
Re: Quick uricontent question Joel Esler
Re: Quick uricontent question James Lay
Re: Quick uricontent question lists () packetmail net

Thursday, 20 September

Looking for a prebuilt Snort IDS Distro Turnbough, Bradley E.
Re: Looking for a prebuilt Snort IDS Distro Jeremy Hoel
Re: Looking for a prebuilt Snort IDS Distro Heine Lysemose
Re: Looking for a prebuilt Snort IDS Distro Turnbough, Bradley E.
Re: Looking for a prebuilt Snort IDS Distro Ray Caparros
Re: Quick uricontent question Joel Esler
Re: Looking for a prebuilt Snort IDS Distro PR

Friday, 21 September

Re: Looking for a prebuilt Snort IDS Distro Jaime Nebrera
Snort and MySQL Joao Daniel Neves
Re: Snort and MySQL Jack
Packet Logger Mode- what is func()? Alex Adamos
Snort Rules for Version 2.8.5.1 Turnbough, Bradley E.
Re: Looking for a prebuilt Snort IDS Distro Turnbough, Bradley E.
Re: Looking for a prebuilt Snort IDS Distro Jaime Nebrera
Re: Packet Logger Mode- what is func()? Russ Combs
Re: Snort and MySQL Joao Daniel Neves
Re: Snort and MySQL Joel Esler
Sourcefire VRT Certified Snort Rules Update 2012-09-21 Research
Re: Snort Rules for Version 2.8.5.1 Joel Esler
Re: Snort and MySQL PR
Re: Snort Rules for Version 2.8.5.1 PR
Re: Looking for a prebuilt Snort IDS Distro PR
Re: Looking for a prebuilt Snort IDS Distro PR
Re: Snort and MySQL Jeremy Hoel
Re: Snort and MySQL Joel Esler
Quick Android/Fakelash.A!tr.spy sig James Lay
Re: Looking for a prebuilt Snort IDS Distro Pak Chan
Re: Looking for a prebuilt Snort IDS Distro Jeremy Hoel
Re: Quick Android/Fakelash.A!tr.spy sig Joel Esler

Saturday, 22 September

Taking action on exploit attempts Pratik Narang
Re: Looking for a prebuilt Snort IDS Distro Pak Chan
Re: Looking for a prebuilt Snort IDS Distro Jeremy Hoel

Sunday, 23 September

Looking for a prebuilt Snort IDS Distro Doug Burks
using sort general hash table module (sfxhash) in dynamic-preprocessors sajjad purmohseni

Monday, 24 September

Regarding snort configuration shadab
Having trouble firing certain rules Robert Parker
Re: Quick Android/Fakelash.A!tr.spy sig Joel Esler
Re: Looking for a prebuilt Snort IDS Distro Pak Chan
Re: Quick Android/Fakelash.A!tr.spy sig James Lay
HTTP 304 alerts Dionyssios Edwards

Tuesday, 25 September

Reputation Preprocessor Yonas Abebe
Barnyard2 - v2-1.10 is released firnsy
Binary file format- tcpdump Alex Adamos
Re: Binary file format- tcpdump Alex Kirk
Snort, BASE, and FRW Joao Daniel Neves
Re: Snort and MySQL Joao Daniel Neves
Re: Reputation Preprocessor Joel Esler
RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?) Turnbough, Bradley E.
Re: RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?) Turnbough, Bradley E.
Re: Snort, BASE, and FRW Shomiron Das Gupta
Re: Barnyard2 - v2-1.10 is released Jefferson, Shawn
Re: Barnyard2 - v2-1.10 is released beenph
Sourcefire VRT Certified Snort Rules Update 2012-09-25 Research
Re: Taking action on exploit attempts waldo kitty
Re: Regarding snort configuration waldo kitty
Re: HTTP 304 alerts waldo kitty
Re: Binary file format- tcpdump waldo kitty
Re: Snort, BASE, and FRW waldo kitty
Re: Snort, BASE, and FRW waldo kitty
Choosing a firewall with Snort Pratik Narang
Snort DB clean up ACID/BASE Amm Snort

Wednesday, 26 September

Re: Regarding snort configuration shadab
Re: Choosing a firewall with Snort Kevin Ross
Re: Choosing a firewall with Snort Pratik Narang
Re: Regarding snort configuration Pratik Narang
Re: RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?) Giles Coochey
Re: RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?) Jaime Nebrera
Re: Snort, BASE, and FRW Joao Daniel Neves
Re: RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?) Giles Coochey
Re: Regarding snort configuration Joel Esler
Re: [Snort-devel] Snort DB clean up ACID/BASE Joel Esler
Re: RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?) Jaime Nebrera
Re: [Snort-devel] Barnyard2 - v2-1.10 is released Michael Steele
Couple sigs - Firefox plugins James Lay
Re: [Snort-devel] Barnyard2 - v2-1.10 is released beenph
Re: Barnyard2 - v2-1.10 is released AllowOverride
Re: Barnyard2 - v2-1.10 is released Joel Esler
Re: [Snort-devel] Barnyard2 - v2-1.10 is released Michael Steele
Why PulledPork over Oinkmaster Michael Steele
Re: Why PulledPork over Oinkmaster Joel Esler
Re: [Snort-devel] Barnyard2 - v2-1.10 is released beenph
Very Limited Logging Brian Swan
Re: Very Limited Logging Joel Esler
Snort / Barnyard2 Placement Turnbough, Bradley E.
Re: Snort / Barnyard2 Placement beenph
Re: Snort / Barnyard2 Placement Jeremy Hoel

Thursday, 27 September

Changing name and file size limit of ALERT output file Abhishek Sharma
Re: Changing name and file size limit of ALERT output file praveen_recker .
Re: Barnyard2 - v2-1.10 is released AllowOverride
Re: Barnyard2 - v2-1.10 is released beenph
not event in snort 2.9.3 troxlinux
Re: not event in snort 2.9.3 beenph
Re: not event in snort 2.9.3 troxlinux
Re: not event in snort 2.9.3 troxlinux
Re: Choosing a firewall with Snort Shomiron Das Gupta
Re: not event in snort 2.9.3 beenph
Re: not event in snort 2.9.3 beenph
Send snort alerts via syslog to ArcSight Pablo Atiaga
Re: Send snort alerts via syslog to ArcSight beenph
Sourcefire VRT Certified Snort Rules Update 2012-09-27 Research
Re: Barnyard2 - v2-1.10 is released Joel Esler
Re: Barnyard2 - v2-1.10 is released beenph
Re: Barnyard2 - v2-1.10 is released AllowOverride
Re: Barnyard2 - v2-1.10 is released AllowOverride
Re: Choosing a firewall with Snort Pratik Narang

Friday, 28 September

Re: Choosing a firewall with Snort Kevin Ross
Re: Barnyard2 - v2-1.10 is released Nigel Houghton
Re: Barnyard2 - v2-1.10 is released AllowOverride
tcp flood rule Leonardo Pezente
Fatal error after upgrading barnyard2 Miguel Alvarez
Re: [barnyard2-users] Fatal error after upgrading barnyard2 Heine Lysemose

Saturday, 29 September

Re: [barnyard2-users] Fatal error after upgrading barnyard2 beenph
Re: [barnyard2-users] Fatal error after upgrading barnyard2 Miguel Alvarez
Re: [barnyard2-users] Fatal error after upgrading barnyard2 beenph
Re: [barnyard2-users] Fatal error after upgrading barnyard2 Miguel Alvarez
Re: [barnyard2-users] Fatal error after upgrading barnyard2 beenph
Re: [barnyard2-users] Fatal error after upgrading barnyard2 Miguel Alvarez

Sunday, 30 September

(no subject) John Babio
Re: Choosing a firewall with Snort Kevin Ross

Previous period

Next period