Snort mailing list archives
Fwd: Re: barnyard2-1.10 major problem
From: Jack <kingofnerds () gmail com>
Date: Thu, 25 Oct 2012 09:13:44 -0400
---------- Forwarded message ----------
From: "Jack" <kingofnerds () gmail com>
Date: Oct 25, 2012 9:11 AM
Subject: Re: [Snort-users] barnyard2-1.10 major problem
To: "beenph" <beenph () gmail com>

Last time I enabled the alert on each packet, I just got more alerts. What I think is being requested is to have all the packets in a single alert for one event.

On Oct 24, 2012 12:38 PM, "beenph" <beenph () gmail com> wrote:
> On Wed, Oct 24, 2012 at 12:03 PM, Lawrence R. Hughes, Sr. <lhughes () safemedia com> wrote:
> > Here is our response to Firnsy:
>
> Ok but this was actually an e-mail I wrote, so maybe that's where the confusion comes from.
>
> > ----- Original Message -----
> > From: "Lawrence R. Hughes, Sr." <lhughes () safemedia com>
> > To: "firnsy" <firnsy () securixlive com>
> > Cc: "safwat fahmy" <safwat.fahmy () safemedia com>
> > Sent: Monday, October 22, 2012 12:08 PM
> > Subject: Re: barnyard2-1.10 build 310
> >
> > Hi Firnsy,
> > Not sure what you wanted me to do with u2_anon (packaged as a windows zip w/src code). Can't compile windows source code.
>
> For your information u2_anon is written for *nix, github default download file is zip. But you won't need it.
>
> > We made the change you suggested (Increase CACHED_EVENTS_MAX). This did not help!! I am attaching the org. snort unified2 file and you will see one event with 2 packets, however by2 only inserted the first packet and this happened after we modified by2 as you suggested.
>
> add --alert-on-each-packet-in-stream in your barnyard2 command line and it will work as expected.
>
> -elz
------------------------------------------------------------------------------
Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!
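The thread turns on how many packet records a unified2 file holds for each event versus how many barnyard2 inserted. As an added example (not code from the thread or from the barnyard2 project), this sketch counts packet records per event in a unified2 byte stream so the result can be compared with the database rows; the function names are hypothetical, the record layout assumed is Snort's unified2 format (8-byte big-endian type/length header, with `sensor_id` and `event_id` leading both event and packet records), and the sample stream is constructed.

```python
import struct
from collections import defaultdict

# Unified2 record type codes; all integers in the file are big-endian.
U2_PACKET = 2
U2_EVENT_TYPES = {7, 72, 104, 105}  # IDS event: IPv4, IPv6, and their VLAN forms


def packets_per_event(data: bytes) -> dict:
    """Map (sensor_id, event_id) -> number of packet records in a unified2 stream."""
    counts = defaultdict(int)
    off = 0
    while off < len(data):
        if off + 8 > len(data):
            raise ValueError(f"truncated record header at offset {off}")
        rtype, rlen = struct.unpack_from(">II", data, off)
        body = data[off + 8:off + 8 + rlen]
        if len(body) != rlen:
            raise ValueError(f"truncated record body at offset {off}")
        off += 8 + rlen
        if rtype not in U2_EVENT_TYPES and rtype != U2_PACKET:
            continue  # extra-data and unknown record types are skipped
        if rlen < 8:
            raise ValueError("record too short for sensor_id/event_id")
        key = struct.unpack_from(">II", body)  # (sensor_id, event_id)
        counts[key] += 1 if rtype == U2_PACKET else 0  # events register with 0
    return dict(counts)


def record(rtype: int, body: bytes) -> bytes:
    """Build one unified2 record (used only to construct the sample below)."""
    return struct.pack(">II", rtype, len(body)) + body


def sample_stream() -> bytes:
    """Constructed sample: event 7 with two packets, event 8 with one."""
    out = b""
    for event_id, npkts in ((7, 2), (8, 1)):
        out += record(7, struct.pack(">II", 1, event_id) + bytes(44))  # 52-byte IPv4 event
        for n in range(npkts):
            payload = b"\x00" * 14  # placeholder link-layer header, not real traffic
            hdr = struct.pack(">7I", 1, event_id, 0, 0, n, 1, len(payload))
            out += record(U2_PACKET, hdr + payload)
    return out


if __name__ == "__main__":
    for (sensor, event), n in sorted(packets_per_event(sample_stream()).items()):
        print(f"sensor={sensor} event={event} packets={n}")
```

An event whose count here is higher than the number of packet rows stored for it in the database is the symptom reported in the thread.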