Snort: by date

• RSS Feed
• About List
• All Lists

Previous period

Next period

1251 messages starting Jul 01 13 and ending Sep 30 13
Date index | Thread index | Author index

Monday, 01 July

Rule to detect search engines Borja Luaces
multiple interface server, snort & barnyard Doug Metz
Re: Snort gets killed Alex Adamos
Snort DAQ MCLEOD, DONNIE
Re: barnyard help Maxwell, Jamison [HDS]
Re: multiple interface server, snort & barnyard waldo kitty
Re: Rule to detect search engines waldo kitty
Re: multiple interface server, snort & barnyard Y M
Re: Snort DAQ Y M
Snort 2.9.5 Now Available Snort Releases
Snort 2.9.5 Now Available Snort Releases
Re: Rule to detect search engines Borja Luaces

Tuesday, 02 July

Centos 6.4, bnx2 in promiscuous mode does not see packets Giles Coochey
Re: Centos 6.4, bnx2 in promiscuous mode does not see packets Y M
@snort installation on ubuntu anagha b
Re: Centos 6.4, bnx2 in promiscuous mode does not see packets Giles Coochey
Sourcefire VRT Certified Snort Rules Update 2013-07-02 Research
Re: Centos 6.4, bnx2 in promiscuous mode does not see packets Y M
Unknown EK Community Proposed
Re: Unknown EK Joel Esler
Re: Unknown EK lists () packetmail net

Wednesday, 03 July

Re: Centos 6.4, bnx2 in promiscuous mode does not see packets Giles Coochey
snort inline mode in FreeBSD and IPFW Nomad Esst
Re: How snort rules are used Russ Combs

Thursday, 04 July

@pulledpork error anagha b
Re: @pulledpork error seth
Re: @pulledpork error seth
Re: @pulledpork error JJ Cummings
Re: @pulledpork error anagha b

Friday, 05 July

Re: @pulledpork error waldo kitty
Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 waldo kitty
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Joel Esler
About Snort file Mayur Patil
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jason Ish
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal
Re: About Snort file waldo kitty
Re: About Snort file Mayur Patil
Private Exploit Kit James Lay
Re: Private Exploit Kit Joel Esler
Re: Private Exploit Kit James Lay
a few questions... waldo kitty
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 waldo kitty
Re: About Snort file waldo kitty
Re: a few questions... Russ Combs
Re: a few questions... waldo kitty
Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Joel Esler
Re: a few questions... Joel Esler
Snort on WindowsXP MCLEOD, DONNIE

Saturday, 06 July

@snort startup anagha b
@snort log anagha b
Re: a few questions... waldo kitty
Re: Snort on WindowsXP waldo kitty
Re: @snort startup waldo kitty
Re: @snort log waldo kitty
Re: Snort on WindowsXP Michael Steele
Problems configuring Pulledpork Kevin Faust
Re: Problems configuring Pulledpork Jeremy Hoel

Sunday, 07 July

Re: Problems configuring Pulledpork Joel Esler
Re: Problems configuring Pulledpork Kevin Faust
Re: Problems configuring Pulledpork waldo kitty
Re: Snort on WindowsXP waldo kitty

Monday, 08 July

Re: a few questions... Russ Combs
Finding the offset or depth in packets miha rass
Finding the offset or depth in packets miha rass

Tuesday, 09 July

[HITB-Announce] REMINDER: #HITB2013KUL CFP Closes 25th July Hafez Kamal
Snorting a Kismet tun/tap interface: Cannot decode data link type 105 Hayden Stainsby
Re: Snorting a Kismet tun/tap interface: Cannot decode data link type 105 James Lay
Re: Snorting a Kismet tun/tap interface: Cannot decode data link type 105 rmkml
Re: Snorting a Kismet tun/tap interface: Cannot decode data link type 105 Hayden Stainsby
Re: a few questions... waldo kitty
Re: Finding the offset or depth in packets waldo kitty
Proposed Signatures for Fake Adobe Flash installer lists () packetmail net
question regarding tag modifier James Dickenson
Re: Proposed Signatures for Fake Adobe Flash installer lists () packetmail net
Sourcefire VRT Certified Snort Rules Update 2013-07-09 Research
Re: question regarding tag modifier Joel Esler
Re: Unknown EK Joel Esler
Re: Unknown EK lists () packetmail net
Asprox sig James Lay
Re: Asprox sig lists () packetmail net
Re: Asprox sig James Lay
Re: Asprox sig James Lay
Re: Asprox sig Joel Esler
jRAT James Lay
Re: jRAT Ned Moran

Wednesday, 10 July

Re: About Snort file Mayur Patil
Re: jRAT James Lay
Re: jRAT Ned Moran
Re: About Snort file Joel Esler
Re: About Snort file Mayur Patil
Re: jRAT James Lay
Kuluoz-ishness James Lay
Re: Kuluoz-ishness waldo kitty

Thursday, 11 July

@daq error anagha b
@barnyard2 error anagha b
Re: @daq error waldo kitty
Re: @barnyard2 error waldo kitty
Re: Snort-users Digest, Vol 86, Issue 13 anagha b
Re: Snort-users Digest, Vol 86, Issue 13 waldo kitty
WARNING: Can't extract timestamp extension from 'snort.unified2 limit 128.1373443078'using base 'snort.unified2' Kaushal Shriyan
Re: WARNING: Can't extract timestamp extension from 'snort.unified2 limit 128.1373443078'using base 'snort.unified2' Kaushal Shriyan
Re: WARNING: Can't extract timestamp extension from 'snort.unified2 limit 128.1373443078'using base 'snort.unified2' Kaushal Shriyan
Changes to PCRE Phelps Ed (Ed) ** % **
Re: Changes to PCRE Steven Sturges
ssl preprocessor incorrect event 'SSL_INVALID_CLIENT_HELLO' Bram
Sourcefire VRT Certified Snort Rules Update 2013-07-11 Research
Re: WARNING: Can't extract timestamp extension from 'snort.unified2 limit 128.1373443078'using base 'snort.unified2' waldo kitty
Pulled Pork Question Starner, Mark
ssh preprocessor: incorrect event 'SSH_EVENT_PROTOMISMATCH' Bram
Re: Pulled Pork Question waldo kitty
Re: Pulled Pork Question Y M
Re: Pulled Pork Question Y M
Re: Kuluoz-ishness Nick Randolph
Patch File for Snort 2.9.4.x and 2.9.5 which adds 169.254/16 addr space Bill Parker
Re: Kuluoz-ishness James Lay
Re: Pulled Pork Question Y M
Re: Pulled Pork Question Starner, Mark
Re: Pulled Pork Question JJ Cummings
Re: Pulled Pork Question Starner, Mark
Re: Pulled Pork Question JJ Cummings
Re: Pulled Pork Question Starner, Mark
Re: Pulled Pork Question Y M
Re: Asprox sig Nick Randolph
Unknown Botnet sig James Lay
Re: Asprox sig waldo kitty
Re: Unknown Botnet sig James Lay
Re: Unknown Botnet sig Joel Esler
Re: Unknown Botnet sig James Lay

Friday, 12 July

Rule works in replay file mode, but not when sniffing Pavel Rantorski
Re: Rule works in replay file mode, but not when sniffing Joel Esler
Re: Rule works in replay file mode, but not when sniffing Russ Combs
Re: Rule works in replay file mode, but not when sniffing Pavel Rantorski
Re: Rule works in replay file mode, but not when sniffing Russ Combs
Re: Rule works in replay file mode, but not when sniffing Pavel Rantorski
Re: ssh preprocessor: incorrect event 'SSH_EVENT_PROTOMISMATCH' Victor Roemer
Re: Rule works in replay file mode, but not when sniffing Pavel Rantorski
Re: Rule works in replay file mode, but not when sniffing waldo kitty

Sunday, 14 July

Ruxcon 2013 Final Call For Papers cfp

Monday, 15 July

Re: ssh preprocessor: incorrect event 'SSH_EVENT_PROTOMISMATCH' Bram
MySQL DB data and event tables not getting updated in Snort DB. Kaushal Shriyan
Installing Snort as a service on Windows 8 64 bit? spam
[HITB-Announce] REMINDER: #HITB2013KUL CFP Closes 25th July Hafez Kamal
CFP: Vol. 2 Issue 5 (Deadline approaching) Editor, IJCIT
Snort switches to packet Dump Mode Mayur Patil
Re: ssl preprocessor incorrect event 'SSL_INVALID_CLIENT_HELLO' Bhagya Bantwal
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Snort switches to packet Dump Mode waldo kitty
Is there any way to add the rule action in the alert? Avery Rozar
Re: Is there any way to add the rule action in the alert? waldo kitty
Re: Is there any way to add the rule action in the alert? Avery Rozar
home_net & external_net question slava () webii net
Re: home_net & external_net question Joel Esler

Tuesday, 16 July

Re: Snort switches to packet Dump Mode Mayur Patil
Re: home_net & external_net question slava () webii net
Re: Snort switches to packet Dump Mode Mayur Patil
Attacks Vector Database Erik Michel Giraldo Giraldo
Re: home_net & external_net question Joel Esler
Re: ssh preprocessor: incorrect event 'SSH_EVENT_PROTOMISMATCH' Victor Roemer
ok thanks Vuong D. Chieu
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Sourcefire VRT Certified Snort Rules Update 2013-07-16 Research
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Rule Management with two separate rulesets Steven McLaughlin
Re: Rule Management with two separate rulesets JJC

Wednesday, 17 July

Snort Tests? mulhern
Why does a distribution include both dynamic rules *.rules files mulhern
Re: Snort Tests? Keith A . Glass
Re: Snort Tests? mulhern
Re: Snort Tests? Keith A . Glass
snort 2.9.4.6 not logging Maged Shenouda
Re: Snort Tests? Lawrence Teo
Re: snort 2.9.4.6 not logging Joel Esler
Re: Snort Tests? Joel Esler
Re: Why does a distribution include both dynamic rules *.rules files Joel Esler
Re: Snort Tests? mulhern
Re: Snort Tests? mulhern
IMAC MCLEOD, DONNIE
Different formats in rules files mulhern
Re: IMAC Joel Esler
Re: Different formats in rules files Joel Esler
Re: Snort switches to packet Dump Mode waldo kitty
Re: IMAC Mark Boltz
Re: Rule Management with two separate rulesets waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Rule Management with two separate rulesets JJC
Re: Snort Tests? waldo kitty
Re: IMAC JJC
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Rule Management with two separate rulesets Joel Esler
Re: Snort switches to packet Dump Mode waldo kitty
Re: Snort switches to packet Dump Mode Mayur Patil
Re: Different formats in rules files mulhern
CPU pegged for unknown reasons Scott Finlon
Re: Different formats in rules files Joel Esler
high packet loss - low throughput Michal Purzynski
Re: CPU pegged for unknown reasons waldo kitty
Re: high packet loss - low throughput waldo kitty
Re: high packet loss - low throughput Michal Purzynski
PF_RING / DNA + Snort and high CPU utilization Scott Finlon
Re: high packet loss - low throughput waldo kitty
Re: PF_RING / DNA + Snort and high CPU utilization beenph

Thursday, 18 July

Re: high packet loss - low throughput Michal Purzynski
Mac OSX Ransomware Paul Bottomley
Regarding Coding for Snort Mayur Patil
Udp traffic Abid Ayoub
Re: PF_RING / DNA + Snort and high CPU utilization Ward Sladek
Mirroring port Abid Ayoub
Re: PF_RING / DNA + Snort and high CPU utilization Scott Finlon
Re: Regarding Coding for Snort waldo kitty
Re: Mirroring port waldo kitty
Re: Mac OSX Ransomware Nick Randolph
Re: Regarding Coding for Snort Mayur Patil
Re: Regarding Coding for Snort Joel Esler
Replace deprecated bzero() calls in Snort-2.9.5 with memset() Bill Parker
Re: snort 2.9.4.6 not logging Maged Shenouda
Re: snort 2.9.4.6 not logging waldo kitty
Sourcefire VRT Certified Snort Rules Update 2013-07-18 Research
Re: Regarding Coding for Snort Mayur Patil
Re: snort 2.9.4.6 not logging Maged Shenouda
Re: Regarding Coding for Snort waldo kitty
dnp3 preprocesser: incorrect message when track_udp is disabled Bram
[PATCH] dnp3 preprocesser: message "WARNING: DNP3 memcap exceeded" logged too often Bram
Re: dnp3 preprocesser: incorrect message when track_udp is disabled Hui Cao
Re: snort 2.9.4.6 not logging waldo kitty

Friday, 19 July

Re: high packet loss - low throughput Michal Purzynski
IP recognition Mayur Patil
Re: Regarding Coding for Snort Mayur Patil
block traffic Abid Ayoub
Re: block traffic Joe Gedeon
About writing code Mayur Patil
RE : Re: high packet loss - low throughput rmkml
Re: snort 2.9.4.6 not logging Maged Shenouda
Re: RE : Re: high packet loss - low throughput Michal Purzynski
Re: RE : Re: high packet loss - low throughput Y M
RE : Re: RE : Re: high packet loss - low throughput rmkml
Re: snort 2.9.4.6 not logging Maged Shenouda
Re: RE : Re: RE : Re: high packet loss - low throughput Joel Esler
Most rules in community-rules commented out? mulhern
Re: high packet loss - low throughput waldo kitty
Re: IP recognition waldo kitty
Re: Regarding Coding for Snort waldo kitty
Re: IP recognition Mayur Patil
Re: Regarding Coding for Snort Mayur Patil
Re: snort 2.9.4.6 not logging waldo kitty
Re: snort 2.9.4.6 not logging waldo kitty
Re: Snort Tests? mulhern
Re: snort 2.9.4.6 not logging Maged Shenouda
Re: snort 2.9.4.6 not logging Maged Shenouda
Re: RE : Re: RE : Re: high packet loss - low throughput waldo kitty
Depth limit of binary flow using just pcre (no content option) Frank Calone
Re: snort 2.9.4.6 not logging waldo kitty
Re: Depth limit of binary flow using just pcre (no content option) waldo kitty
Re: Most rules in community-rules commented out? Joel Esler
Re: RE : Re: RE : Re: high packet loss - low throughput Joel Esler
Re: Depth limit of binary flow using just pcre (no content option) Frank Calone
Replace calls index() <deprecated> with strchr() in Snort 2.9.5 Bill Parker
Re: Depth limit of binary flow using just pcre (no content option) Joel Esler
Re: Replace calls index() <deprecated> with strchr() in Snort 2.9.5 Joel Esler
Re: Snort only partially alerting Frank Calone
Re: high packet loss - low throughput Michal Purzynski
Re: Snort only partially alerting waldo kitty
Re: high packet loss - low throughput waldo kitty
sdf preprocessor: partial matches/false positives Bram
Re: high packet loss - low throughput rmkml
Re: Most rules in community-rules commented out? mulhern
Re: high packet loss - low throughput waldo kitty
Re: high packet loss - low throughput waldo kitty
Re: high packet loss - low throughput waldo kitty

Saturday, 20 July

Lack of Sanity Check for call to malloc() Bill Parker
Re: high packet loss - low throughput Michal Purzynski
Re: high packet loss - low throughput Y M
Re: high packet loss - low throughput Joel Esler

Sunday, 21 July

Re: high packet loss - low throughput Michal Purzynski
Re: high packet loss - low throughput Michal Purzynski
Re: high packet loss - low throughput Joel Esler
Re: high packet loss - low throughput beenph
Re: high packet loss - low throughput Doug Burks
Re: high packet loss - low throughput Michal Purzynski
Re: high packet loss - low throughput Michal Purzynski
Re: high packet loss - low throughput beenph
Re: high packet loss - low throughput beenph
Re: high packet loss - low throughput Joel Esler
Not using pcap_frames Mayur Patil
Re: high packet loss - low throughput Michal Purzynski
Re: high packet loss - low throughput Michal Purzynski

Monday, 22 July

Not getting unified2 output mulhern
Re: Not getting unified2 output beenph
snort suddenly stopped to record events linux
Re: sdf preprocessor: partial matches/false positives Hui Cao
Re: Lack of Sanity Check for call to malloc() Todd Wease
Re: snort suddenly stopped to record events waldo kitty
Re: Not getting unified2 output mulhern
Re: Replace deprecated bzero() calls in Snort-2.9.5 with memset() Hui Cao
Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file mulhern
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file waldo kitty
Pulledpork not generating merged rules file on Windows William Rehnquyst
Re: Pulledpork not generating merged rules file on Windows waldo kitty
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file mulhern
snort 2.9.5 - Failed to parse the IP address waldo kitty
Re: snort 2.9.5 - Failed to parse the IP address rmkml
checking default output settings in snort.conf waldo kitty
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file waldo kitty
Re: snort 2.9.5 - Failed to parse the IP address waldo kitty
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file mulhern
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file waldo kitty
Re: high packet loss - low throughput Michal Purzynski
Help with signature - offset miha rass
Re: high packet loss - low throughput Livio Ricciulli
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file mulhern
Re: Pulledpork not generating merged rules file on Windows Michael Steele
Re: Help with signature - offset waldo kitty
Re: Fwd: [barnyard2-users] Can get barnyard2 to read from Snort log but won't write to alert file waldo kitty
RE : Help with signature - offset rmkml

Tuesday, 23 July

Re: snort suddenly stopped to record events linux
Re: high packet loss - low throughput Michal Purzynski
FW: snort 2.9.4.6 not logging Maged Shenouda
Re: RE : Help with signature - offset miha rass
Snort log file size is getting huge Maged Shenouda
Multiple rulesets with separate sid files. mulhern
Re: Snort log file size is getting huge beenph
Re: Snort log file size is getting huge Maged Shenouda
Re: Multiple rulesets with separate sid files. Y M
Cisco Sourcefire Giles Coochey
Re: Multiple rulesets with separate sid files. Peter Bates
Re: Cisco Sourcefire Mike Stoico
Re: Cisco Sourcefire Peter Bates
Re: Cisco Sourcefire Michal Purzynski
Re: Cisco Sourcefire Y M
Re: snort suddenly stopped to record events waldo kitty
Re: FW: snort 2.9.4.6 not logging waldo kitty
Re: Snort log file size is getting huge waldo kitty
Re: Snort log file size is getting huge waldo kitty
Re: FW: snort 2.9.4.6 not logging Maged Shenouda
Re: Cisco Sourcefire Michael Steele
Re: Snort log file size is getting huge Maged Shenouda
Re: Cisco Sourcefire Ayodele Okeowo
Re: Cisco Sourcefire Anthony Rees
Re: Cisco Sourcefire Heine Lysemose
Re: Cisco Sourcefire waldo kitty
Re: Cisco Sourcefire Ayodele Okeowo
Re: FW: snort 2.9.4.6 not logging waldo kitty
Re: high packet loss - low throughput Livio Ricciulli
Re: Cisco Sourcefire waldo kitty
Re: Cisco Sourcefire Y M
Cisco acquires Sourcefire ... should we be worried? Bad Horse
Re: FW: snort 2.9.4.6 not logging Maged Shenouda
Re: Cisco Sourcefire Ayodele Okeowo
Re: Cisco Sourcefire Jefferson, Shawn
Re: [Snort-sigs] Cisco acquires Sourcefire ... should we be worried? Gregory W. MacPherson
http_method and uricontent Alan Nala
Re: Cisco acquires Sourcefire ... should we be worried? Joe Kraxner
Re: RE : Help with signature - offset rmkml
Re: Cisco Sourcefire Joel Esler
Re: Cisco Sourcefire Scott
Re: Cisco Sourcefire Mike Miller
Re: Cisco Sourcefire Martin Roesch

Wednesday, 24 July

Re: Cisco Sourcefire Michal Purzynski
data base Abid Ayoub
Clarification upon stats sockstat
Re: Cisco Sourcefire Mike Miller
Re: Cisco Sourcefire Scott
Re: Cisco Sourcefire Mike Miller
Re: Cisco Sourcefire Joel Esler
Re: snort suddenly stopped to record events Alex
Barnyard2 error Abid Ayoub
Re: Barnyard2 error beenph
Re: Barnyard2 error Abid Ayoub
Re: Barnyard2 error Abid Ayoub
Re: Barnyard2 error beenph
Re: Barnyard2 error Abid Ayoub
Re: snort suddenly stopped to record events Peter Bates
Re: data base waldo kitty
Re: Barnyard2 error beenph
Re: snort suddenly stopped to record events waldo kitty
Re: Barnyard2 error waldo kitty
Sourcefire VRT Certified Snort Rules Update 2013-07-24 Research
Pulledpork, multiple instances, and sid-msg.map James Lay
Re: Pulledpork, multiple instances, and sid-msg.map Eoin Miller
Re: Pulledpork, multiple instances, and sid-msg.map waldo kitty
Re: Barnyard2 error Michael Steele
Re: Pulledpork, multiple instances, and sid-msg.map JJ Cummings
Re: Pulledpork, multiple instances, and sid-msg.map James Lay
Re: Pulledpork, multiple instances, and sid-msg.map waldo kitty

Thursday, 25 July

About Shared Object Snort Rules Mayur Patil
Re: About Shared Object Snort Rules Patrick Mullen
question :: interest in testing SENF preprocessor for Snort? Beasley, Cam
Re: question :: interest in testing SENF preprocessor for Snort? Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-07-25 Research
'ignore_call_channel' setting seems to have no effect Emre Gundogan
Re: question :: interest in testing SENF preprocessor for Snort? Beasley, Cam

Friday, 26 July

Re: data base Abid Ayoub
Re: data base waldo kitty
uricontent and http_method Alan Nala
To escape or not to escape the colon Julian Wiegmann
Re: data base Abid Ayoub
Shared Object Rules not properly recognized by Snort Quentin-Edouard Lutun
Details on using offset setests setests
Re: snort suddenly stopped to record events Alex
Re: 'ignore_call_channel' setting seems to have no effect Hui Cao
Re: 'ignore_call_channel' setting seems to have no effect Emre Gundogan
Re: Shared Object Rules not properly recognized by Snort Patrick Mullen
Base doesnt show alerts soma patel-smith
Re: Base doesnt show alerts Y M
Re: Base doesnt show alerts soma patel-smith
Re: Base doesnt show alerts Y M
config binding config questions Evan Rinaldo
Re: Base doesnt show alerts Dwayne Hottinger
Re: Base doesnt show alerts soma patel-smith
Re: data base waldo kitty
Re: snort suddenly stopped to record events waldo kitty

Saturday, 27 July

Threatpost: Martin Roesch on snorts history and the Sourcefire acquisition rmkml
Re: Threatpost: Martin Roesch on snorts history and the Sourcefire acquisition waldo kitty
Re: Threatpost: Martin Roesch on snorts history and the Sourcefire acquisition Martin Roesch
Re: Threatpost: Martin Roesch on snorts history and the Sourcefire acquisition waldo kitty

Sunday, 28 July

The content pattern of Rule SID: 19713 can be improved Ruowen Wang

Monday, 29 July

Re: Threatpost: Martin Roesch on snorts history and the Sourcefire acquisition Giles Coochey
active response amin Salehi
Re: About Shared Object Snort Rules Mayur Patil
active response amin Salehi
Re: snort suddenly stopped to record events Alex
Re: The content pattern of Rule SID: 19713 can be improved Alex McDonnell
Re: active response waldo kitty
Re: The content pattern of Rule SID: 19713 can be improved Ruowen Wang
log alert to database using barnyard2 Ismi Junita Rahmawati
Re: log alert to database using barnyard2 Y M
Re: log alert to database using barnyard2 Ismi Junita Rahmawati
Re: log alert to database using barnyard2 Joel Esler
Re: log alert to database using barnyard2 Ismi Junita Rahmawati

Tuesday, 30 July

Re: Clarification upon stats Reinoud Koornstra
Re: Clarification upon stats Todd Wease
Sourcefire VRT Certified Snort Rules Update 2013-07-30 Research
Snort 2.9.5.3 Now Available Snort Releases
Snort 2.9.5.3 Now Available Snort Releases
Re: Snort 2.9.5.3 Now Available rmkml
Re: Snort 2.9.5.3 Now Available Russ Combs
Re: Clarification upon stats Reinoud Koornstra

Wednesday, 31 July

Re: Clarification upon stats Reinoud Koornstra
IMAP and POP preprocessor do not handle TLS Bram
Re: Pulledpork not generating merged rules file on Windows William Rehnquyst
Proportion of Snort users who use Oinkmaster vs. PulledPork mulhern
Re: Proportion of Snort users who use Oinkmaster vs. PulledPork Joel Esler
Re: Clarification upon stats Todd Wease
Re: IMAP and POP preprocessor do not handle TLS Bhagya Bantwal
DAQ-2.0.x patch files Bill Parker
Thesis Project Maurizio Del Vecchio
Re: Thesis Project Russ Combs

Thursday, 01 August

snort killed Abid Ayoub
HideMeBetter – SPAM injection Variant Paul Bottomley
Unrecognised syslog facility/priority in snort Mayur Patil
Is it possible to change the output format for the alert_syslog module? Niels van Eijck
Re: snort killed waldo kitty
stream5 preprocessor: 'STREAM5_NO_TIMESTAMP' alert in combination with TCP Keep-Alives from BSD/Darwin Bram
Re: Is it possible to change the output format for the alert_syslog module? waldo kitty
Unrecognised syslog facility/priority in snort Mayur Patil
Re: Unrecognised syslog facility/priority in snort praveen_recker .
Thresholding & Suppressing Turnbough, Bradley E.
Re: Thresholding & Suppressing Jeremy Hoel
sensitive-data email alerts Jay Hirata
Re: sensitive-data email alerts waldo kitty
Sourcefire VRT Certified Snort Rules Update 2013-08-01 Research
active response in passive mode Seyed Amin Salehi
Re: Unrecognised syslog facility/priority in snort Mayur Patil
Re: sdf preprocessor: partial matches/false positives Bram

Friday, 02 August

Re: snort killed Abid Ayoub
Re: Is it possible to change the output format for the alert_syslog module? Niels van Eijck
Re: snort killed Abid Ayoub
xml file Abid Ayoub
Re: Is it possible to change the output format for the alert_syslog module? waldo kitty
Re: snort killed waldo kitty
Re: xml file waldo kitty
Pulledpork almost always 403 William Rehnquyst
Re: Pulledpork almost always 403 Joel Esler
Re: Pulledpork almost always 403 waldo kitty
Re: DAQ-2.0.x patch files Bhagya Bantwal
Re: Pulledpork almost always 403 William Rehnquyst
Re: Pulledpork almost always 403 waldo kitty
Re: Pulledpork almost always 403 JJ Cummings
Project Announcement: ETPLC rmkml
Project Announcement: ETPLC rmkml
Re: Pulledpork almost always 403 William Rehnquyst
Re: Pulledpork almost always 403 waldo kitty

Sunday, 04 August

Apache Struts Vulnerabilities Yap Ji Wen
Re: Apache Struts Vulnerabilities waldo kitty
Re: Is it possible to change the output format for the alert_syslog module? Joel Esler
tcpdump: can't create rx ring on packet socket: Cannot allocate memory Jason Haar
Re: Apache Struts Vulnerabilities Yap Ji Wen

Monday, 05 August

Better defined schema for sid-msg.map v2 Robert Greenhouse
Snort 2.9.5 / PFRing Welters, Jon (LARC-B703)[LITES]
Udp traffic Abid Ayoub
Re: Pulledpork not generating merged rules file on Windows William Dou
Installing SNORT on windows ERROR Flip Uys
active response in passive mode Seyed Amin Salehi
Active respone in passive mode Seyed Amin Salehi
Re: Pulledpork almost always 403 William Dou
Re: Pulledpork not generating merged rules file on Windows William Dou
Re: Pulledpork not generating merged rules file on Windows William Dou
How to get details of Packet data structure Saeed Adel Mehraban
Re: Pulledpork not generating merged rules file on Windows William Rehnquyst
Re: Pulledpork almost always 403 Joel Esler
Re: Installing SNORT on windows ERROR Joel Esler
Re: [Snort-sigs] HideMeBetter – SPAM injection Variant Joel Esler
Re: How to get details of Packet data structure Russ Combs
Re: Apache Struts Vulnerabilities Joel Esler
Re: Snort 2.9.5 / PFRing Russ Combs
Re: active response in passive mode Russ Combs
Re: Pulledpork not generating merged rules file on Windows waldo kitty
Re: Better defined schema for sid-msg.map v2 waldo kitty
Rovnix UA sig James Lay
Rovnix Rule Y M
Re: Rovnix Rule Joel Esler
Re: Rovnix UA sig Joel Esler
Thresholding by source AND destination Turnbough, Bradley E.
Re: Rovnix UA sig James Lay
Re: Thresholding by source AND destination Joel Esler
Re: Rovnix UA sig Joel Esler
Re: Rovnix UA sig Y M
Re: Rovnix UA sig James Lay
Re: Apache Struts Vulnerabilities Yap Ji Wen

Tuesday, 06 August

Re: Apache Struts Vulnerabilities Joel Esler
Base SnortFan
Sourcefire VRT Certified Snort Rules Update 2013-08-06 Research
Re: Base waldo kitty
Anyone using Base? SnortFan
Re: Anyone using Base? Y M
Re: Anyone using Base? Michael Steele
Building Snort with IDMEF plug in - libtool problem cuong dinh
Re: Apache Struts Vulnerabilities Yap Ji Wen

Wednesday, 07 August

Re: Anyone using Base? SnortFan
Question on overall SNORT Config under Windows Glass, Keith
Re: Anyone using Base? SnortFan
Unchecked call to stat() in src/util.c for Snort-2.9.5.3 Bill Parker
Re: Anyone using Base? Michael Steele
trying to get an oinkcode Bob Wooden
Re: trying to get an oinkcode Joel Esler
Snort is in the air James Lay
Re: Anyone using Base? SnortFan
....Fort Disco anyone? James Lay

Thursday, 08 August

How to tune two rules? Turnbough, Bradley E.
Re: Unchecked call to stat() in src/util.c for Snort-2.9.5.3 Russ Combs
How does snort create sub files from reading SO Files Robert Greenhouse
Sourcefire VRT Certified Snort Rules Update 2013-08-08 Research
Re: How to tune two rules? Joel Esler
Re: How does snort create sub files from reading SO Files Joel Esler
Re: ....Fort Disco anyone? Joel Esler
Re: ....Fort Disco anyone? James Lay
Re: ....Fort Disco anyone? Joel Esler
Re: ....Fort Disco anyone? James Lay
Re: How to tune two rules? waldo kitty

Friday, 09 August

Re: Anyone using Base? Randal T. Rioux
Disable IPV6 in Snort 2.9.4.6 Michael Süess
Disable IPV6 in Snort 2.9.4.6 Michael Süess
Oracle database Abid Ayoub
Re: Anyone using Base? Michael Steele
HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Bram
Re: Oracle database Jeremy Hoel
Re: Disable IPV6 in Snort 2.9.4.6 Joel Esler
Re: Oracle database Michal Purzynski
Re: Oracle database Y M
Clarification on so_rules James Lay
Re: Clarification on so_rules Joel Esler
Re: Clarification on so_rules James Lay
Re: Clarification on so_rules Y M
Re: Clarification on so_rules James Lay
Barnyard2 issue w/unified2 ? Jeff Kell
Re: Barnyard2 issue w/unified2 ? beenph
Re: Barnyard2 issue w/unified2 ? beenph
Re: Barnyard2 issue w/unified2 ? Jeff Kell
Re: Barnyard2 issue w/unified2 ? Jeff Kell
Re: Barnyard2 issue w/unified2 ? beenph
Re: Clarification on so_rules waldo kitty
Re: Barnyard2 issue w/unified2 ? waldo kitty

Saturday, 10 August

Re: Anyone using Base? SnortFan
Re: Oracle database SnortFan
Re: Barnyard2 issue w/unified2 ? beenph
Re: Barnyard2 issue w/unified2 ? beenph

Monday, 12 August

Doubt about non TCP/IP packets Marcos Lois Bermúdez
HttpInpsect/HTTP preprocessor: false positives + parsing of header/body? Bram
Aumlib malware Y M
Re: Aumlib malware Ned Moran
Re: Aumlib malware Nick Randolph
Re: Aumlib malware Joel Esler
Re: Aumlib malware Joel Esler
Re: Aumlib malware Nick Randolph
Re: Aumlib malware Y M
Re: Aumlib malware Ned Moran
Re: Doubt about non TCP/IP packets Jeremy Hoel
Re: HttpInpsect/HTTP preprocessor: false positives + parsing of header/body? Russ Combs
Interested in developing a preprocessor; want all the documentation I can get. Tony Robinson
Re: Interested in developing a preprocessor; want all the documentation I can get. Rodrigo Montoro(Sp0oKeR)
Re: Interested in developing a preprocessor; want all the documentation I can get. Tony Robinson
Re: Interested in developing a preprocessor; want all the documentation I can get. Rodrigo Montoro(Sp0oKeR)

Tuesday, 13 August

Re: [Snort-users] Interested in developing a preprocessor; want all the documentation I can get. Joel Esler
Re: Aumlib malware Joel Esler
Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x Bill Parker
Re: Aumlib malware Y M
A few pulledpork questions James Lay
Sourcefire VRT Certified Snort Rules Update 2013-08-13 Research
Re: A few pulledpork questions Y M
Re: A few pulledpork questions Eoin Miller
Unknown ClassType: protocol-command-decode Avery Rozar
Re: A few pulledpork questions James Lay
Re: A few pulledpork questions James Lay
Re: Unknown ClassType: protocol-command-decode Y M
Re: A few pulledpork questions JJC
Re: Unknown ClassType: protocol-command-decode Avery Rozar
Re: A few pulledpork questions James Lay
Re: Unknown ClassType: protocol-command-decode waldo kitty
Re: Unknown ClassType: protocol-command-decode Y M
Re: A few pulledpork questions JJC
Re: Barnyard2 issue w/unified2 ? Jeff Kell
Re: A few pulledpork questions James Lay
ERROR: Can't set DAQ BPF filter to 'dna0:dna1' (pfring_daq_set_filter: BPF state machine compilation failed!)! Avery Rozar
rule? Frank Calone
Re: ERROR: Can't set DAQ BPF filter to 'dna0:dna1' (pfring_daq_set_filter: BPF state machine compilation failed!)! Russ Combs
Re: rule? Joel Esler
Re: rule? Frank Calone
Re: rule? Joel Esler
Re: Barnyard2 issue w/unified2 ? Jen Andre
Re: ERROR: Can't set DAQ BPF filter to 'dna0:dna1' (pfring_daq_set_filter: BPF state machine compilation failed!)! waldo kitty
Re: Barnyard2 issue w/unified2 ? Weir, Jason
Re: rule? waldo kitty
Re: Barnyard2 issue w/unified2 ? waldo kitty
Re: [Snort-users] Interested in developing a preprocessor; want all the documentation I can get. Tony Robinson
Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x sockstat
Re: Barnyard2 issue w/unified2 ? Jeff Kell
Re: [Snort-users] Interested in developing a preprocessor; want all the documentation I can get. Tony Robinson

Wednesday, 14 August

Re: ERROR: Can't set DAQ BPF filter to 'dna0:dna1' (pfring_daq_set_filter: BPF state machine compilation failed!)! Avery Rozar
Re: [Snort-users] Interested in developing a preprocessor; want all the documentation I can get. Joel Esler
Re: HttpInpsect/HTTP preprocessor: false positives + parsing of header/body? Bram
Re: ERROR: Can't set DAQ BPF filter to 'dna0:dna1' (pfring_daq_set_filter: BPF state machine compilation failed!)! Y M
Re: HttpInpsect/HTTP preprocessor: false positives + parsing of header/body? Joel Esler
Re: ERROR: Can't set DAQ BPF filter to 'dna0:dna1' (pfring_daq_set_filter: BPF state machine compilation failed!)! Avery Rozar
Re: Interested in developing a preprocessor; want all the documentation I can get. Bill Reimer
Re: Clarification on so_rules READ THIS Safwat Fahmy
DDoS protection performance statistics Andrey Resler
Snort and Barnyard2 performance Ron Haines
Re: Interested in developing a preprocessor; want all the documentation I can get. Joel Esler
Re: Clarification on so_rules READ THIS JJC
Re: DDoS protection performance statistics Keith A . Glass
Re: Clarification on so_rules READ THIS JJC
Re: Snort and Barnyard2 performance waldo kitty
Re: [Snort-devel] Interested in developing a preprocessor; want all the documentation I can get. Jefferson, Shawn
PF_RING and DNA with Snort Avery Rozar
Re: PF_RING and DNA with Snort Tim Covel
Re: [Snort-users] Interested in developing a preprocessor; want all the documentation I can get. Victor Roemer

Thursday, 15 August

Re: PF_RING and DNA with Snort Avery Rozar
Common security blogs/RSS feeds followed Nick
Re: Barnyard2 issue w/unified2 ? beenph
Sourcefire VRT Certified Snort Rules Update 2013-08-15 Research
Re: Barnyard2 issue w/unified2 ? John Ives
Re: Barnyard2 issue w/unified2 ? beenph
Re: Barnyard2 issue w/unified2 ? Jeff Kell
Re: PF_RING and DNA with Snort Tim Covel
Re: Barnyard2 issue w/unified2 ? John Ives
Re: PF_RING and DNA with Snort Avery Rozar
snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Robert Greenhouse
Re: Barnyard2 issue w/unified2 ? waldo kitty
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: Barnyard2 issue w/unified2 ? John Ives
Re: Barnyard2 issue w/unified2 ? waldo kitty

Friday, 16 August

Re: HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Bram
HTTP Preprocessor: support for websockets Bram
Re: HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Russ Combs
Re: HTTP Preprocessor: support for websockets Russ Combs
SIP preprocessor: false positives on DNS traffic Bram
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: PF_RING and DNA with Snort Avery Rozar
Re: PF_RING and DNA with Snort Scott Finlon
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Robert Greenhouse
Re: PF_RING and DNA with Snort Avery Rozar
Re: PF_RING and DNA with Snort Y M
Re: PF_RING and DNA with Snort Avery Rozar
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: PF_RING and DNA with Snort Avery Rozar
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: Barnyard2 issue w/unified2 ? beenph
Re: Barnyard2 issue w/unified2 ? beenph
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Robert Greenhouse
Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x Michael Altizer
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop waldo kitty

Saturday, 17 August

Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x sockstat
Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x Matt Olney
ERROR: dynamic detection lib is compiled with an older version of the dynamic engine Michael Heard
Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x Steve Sturges
Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x Russ Combs
Re: Possible Issues with strncpy() calls in DAQ-2.0.x and Snort-2.9.5.x Russ Combs
Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine waldo kitty
Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine Mike H

Sunday, 18 August

Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine waldo kitty
Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine Mike H
Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine waldo kitty
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop Y M
Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine Mike H
Re: snort-2.9.4, daq 2.0.1 afpacket in inline mode snort fails to drop packets even when RULE is set to drop waldo kitty
Re: ERROR: dynamic detection lib is compiled with an older version of the dynamic engine waldo kitty
Download old VRT rules JeeHyun Hwang
Critical Path value Balasubramaniam Natarajan
Re: Download old VRT rules waldo kitty
Re: Critical Path value waldo kitty

Monday, 19 August

Mac-Address Abid Ayoub
Re: Download old VRT rules Joel Esler
Re: Mac-Address Joel Esler
Re: Mac-Address Abid Ayoub
Re: Mac-Address Joel Esler
Re: Mac-Address Abid Ayoub
MD5 Sum File not maching signature files??? Turnbough, Bradley E.
Fwd: Snort catching backup as alert? William Rehnquyst
Re: Fwd: Snort catching backup as alert? Jefferson, Shawn
Re: SIP preprocessor: false positives on DNS traffic Hui Cao
Re: MD5 Sum File not maching signature files??? waldo kitty
Re: Fwd: Snort catching backup as alert? waldo kitty
Re: HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Russ Combs
Re: Critical Path value Balasubramaniam Natarajan
Re: Critical Path value waldo kitty

Tuesday, 20 August

Re: HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Bram
Re: stream5 preprocessor: 'STREAM5_NO_TIMESTAMP' alert in combination with TCP Keep-Alives from BSD/Darwin Bram
Re: Disable IPV6 in Snort 2.9.4.6 Michael Süess
Read unified2 file Abid Ayoub
'DECODE_TCP_MUST_ACK' and 'DECODE_TCP_NO_SYN_ACK_RST' in combination with FreeBSD and Darwin Bram
Re: Read unified2 file phillip () bailey st
Re: 'DECODE_TCP_MUST_ACK' and 'DECODE_TCP_NO_SYN_ACK_RST' in combination with FreeBSD and Darwin Russ Combs
Re: stream5 preprocessor: 'STREAM5_NO_TIMESTAMP' alert in combination with TCP Keep-Alives from BSD/Darwin Russ Combs
Re: Read unified2 file Russ Combs
Re: HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Russ Combs
Re: stream5 preprocessor: 'STREAM5_NO_TIMESTAMP' alert in combination with TCP Keep-Alives from BSD/Darwin Russ Combs
Re: Mac-Address Andrew Fox
Sourcefire VRT Certified Snort Rules Update 2013-08-20 Research
Re: Critical Path value waldo kitty
Re: stream5 preprocessor: 'STREAM5_NO_TIMESTAMP' alert in combination with TCP Keep-Alives from BSD/Darwin Joel Esler
Why Multiple Rules Files on Sourceforge...Why? Dominick Bakhtiar
Re: Why Multiple Rules Files on Snort...Why? (fixed) Joel Esler
Rules to detect all the attacks listed in DARPA dataset ? dsigma
Re: Rules to detect all the attacks listed in DARPA dataset ? Joel Esler
Re: Rules to detect all the attacks listed in DARPA dataset ? lists () packetmail net
Re: Rules to detect all the attacks listed in DARPA dataset ? Jeff Kell

Wednesday, 21 August

Re: Mac-Address Abid Ayoub
VRT Rules question Juan Camilo Valencia
Re: VRT Rules question JJC
Re: Mac-Address beenph
Re: Mac-Address Abid Ayoub
Re: Mac-Address beenph
ssh preprocessor does not whitelist ssh connections Florian Westphal
Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: VRT Rules question Juan Camilo Valencia
Re: Mind/Brain Intrusion Prevention System Dustin Webber
Re: VRT Rules question JJC
Re: VRT Rules question Juan Camilo Valencia
Re: Mind/Brain Intrusion Prevention System Glass, Keith
Re: Mind/Brain Intrusion Prevention System Jason
Re: Mind/Brain Intrusion Prevention System Eric G
Re: Mind/Brain Intrusion Prevention System Jason
Re: Mind/Brain Intrusion Prevention System Keith A. Glass
Re: Mind/Brain Intrusion Prevention System Dustin Webber
Re: Mind/Brain Intrusion Prevention System Joel Esler
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Mind/Brain Intrusion Prevention System A Smith
Re: Mind/Brain Intrusion Prevention System beenph
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Mind/Brain Intrusion Prevention System A Smith
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Mind/Brain Intrusion Prevention System Singapore Citizen Mr. Teo En Ming (Zhang Enming)

Thursday, 22 August

Re: Mind/Brain Intrusion Prevention System waldo kitty
Re: Mac-Address Abid Ayoub
I would like to use PulledPork to add info into the msg: field Avery Rozar
Re: Mind/Brain Intrusion Prevention System KingOfNerds
Re: Mac-Address waldo kitty
Re: Mac-Address Abid Ayoub
OT: Snort and vyatta Joerg Stephan
Re: OT: Snort and vyatta Joel Esler
Re: OT: Snort and vyatta Keith A . Glass
Re: Mac-Address waldo kitty
Re: Mac-Address Abid Ayoub
Re: I would like to use PulledPork to add info into the msg: field JJ Cummings
Re: OT: Snort and vyatta Joel Esler
Re: OT: Snort and vyatta Glass, Keith
Sourcefire VRT Certified Snort Rules Update 2013-08-22 Research
Re: I would like to use PulledPork to add info into the msg: field Avery Rozar
smtp: ignore flow after STARTTLS if ignore_tls_data is set Florian Westphal
Re: I would like to use PulledPork to add info into the msg: field JJC
Re: I would like to use PulledPork to add info into the msg: field waldo kitty
Re: Fwd: Snort catching backup as alert? William Rehnquyst
Re: I would like to use PulledPork to add info into the msg: field Avery Rozar
Re: I would like to use PulledPork to add info into the msg: field Avery Rozar
Re: I would like to use PulledPork to add info into the msg: field Joel Esler
Re: Fwd: Snort catching backup as alert? waldo kitty
BarnYard2 Waiting for New Data Issue Matt Brichetto
Re: HttpInpsect/HTTP preprocessor: false positives HI_CLISRV_MSG_SIZE_EXCEPTION Russ Combs
Orbit Downloader DoS James Lay
Re: stream5 preprocessor: 'STREAM5_NO_TIMESTAMP' alert in combination with TCP Keep-Alives from BSD/Darwin Russ Combs
community-rules.tar.gz.md5 empty? Jeremy Hoel
Re: community-rules.tar.gz.md5 empty? Joel Esler
Last (short) chance to submit papers for PacSec in Tokyo Nov 13-14. Deadline FRIDAY. Dragos Ruiu

Friday, 23 August

Query for fast_pattern override Arvind Kumar
Stream5: RST handling + 'STREAM5_BAD_RST' alert Bram
@dynamic preprocessor error anagha b
Re: @dynamic preprocessor error waldo kitty
rule timing and benchmarking Mike Miller
Re: rule timing and benchmarking waldo kitty
sid-msg.map v2 barnyard2-2.1.3 Robert Greenhouse
Re: sid-msg.map v2 barnyard2-2.1.3 beenph
Re: Snort-users Digest, Vol 87, Issue 65 anagha b

Saturday, 24 August

Re: Snort-users Digest, Vol 87, Issue 65 anagha b
Re: Snort-users Digest, Vol 87, Issue 67 anagha b
Re: Snort-users Digest, Vol 87, Issue 65 Joel Esler
snort problems farshad taebi
Download old VRT rules in the past JeeHyun Hwang
snort problems farshad taebi
Regarding snort output in csv format Prajowal Manandhar
Re: Fwd: Snort catching backup as alert? Alexandre Carmel-Veilleux
Re: Download old VRT rules in the past Y M
Re: snort problems waldo kitty
Re: Fwd: Snort catching backup as alert? waldo kitty
Re: Download old VRT rules in the past waldo kitty

Sunday, 25 August

CoolEK Ports Y M
Re: Fwd: Snort catching backup as alert? Joel Esler
Re: CoolEK Ports Joel Esler
Urausy rules Y M
Re: Urausy rules James Lay
Re: Urausy rules Joel Esler
@uninstalling snort anagha b

Monday, 26 August

Re: @uninstalling snort waldo kitty
Re: smtp: ignore flow after STARTTLS if ignore_tls_data is set Bhagya Bantwal
Re: smtp: ignore flow after STARTTLS if ignore_tls_data is set Florian Westphal
Re: Urausy rules Nick Randolph
Re: Urausy rules Y M
Re: Urausy rules Y M
Re: Urausy rules Y M
Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort Y M
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort Y M
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort beenph
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort Joel Esler
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Snort 2.9.5 / PFRing Welters, Jon (LARC-B703)[LITES]
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort Joel Esler
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort Jefferson, Shawn
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort James Lieu
Re: Snort 2.9.5 / PFRing Welters, Jon (LARC-B703)[LITES]
snort alert [1:13586:4] Ismi Junita Rahmawati
Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort beenph
@uninstalling snort anagha b
@daq socket operation not permitted anagha b

Tuesday, 27 August

Re: smtp: ignore flow after STARTTLS if ignore_tls_data is set Bram
Re: smtp: ignore flow after STARTTLS if ignore_tls_data is set Florian Westphal
Re: smtp: ignore flow after STARTTLS if ignore_tls_data is set Bram
Re: Snort 2.9.5 / PFRing Peter Bates
About alert log updation Mayur Patil
Re: snort alert [1:13586:4] waldo kitty
Re: About alert log updation waldo kitty
Re: About alert log updation Mayur Patil
@ERROR: Can't start DAQ (-1) - socket: Operation not permitted! anagha b
Re: [barnyard2-users] Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort Starner, Mark
Unable to detect port-specific DoS attack Mayur Patil
Re: snort problems Jules Pagna Disso
Re: Unable to detect port-specific DoS attack Wei Chea Ang
Re: snort alert [1:13586:4] JJC
Re: [barnyard2-users] Re: Barnyard2 error: 'mysql' support is not compiled into this build of snort beenph
Snort Error kabombo katutwa
Sourcefire VRT Certified Snort Rules Update 2013-08-27 Research
Re: Snort Error Joel Esler
Re: snort problems Graham Bignell
Ubuntu Upstart Scripts for Multiple Snort Processes Dominick Bakhtiar
Re: Ubuntu Upstart Scripts for Multiple Snort Processes Jason Ish
Re: snort alert [1:13586:4] Ismi Junita Rahmawati

Wednesday, 28 August

Re: Ubuntu Upstart Scripts for Multiple Snort Processes Eric G
Issue with shared object rules Anshuman Anil Deshmukh
Re: Issue with shared object rules JJ Cummings
Re: Issue with shared object rules Anshuman Anil Deshmukh
Re: Orbit Downloader DoS Nick Randolph
Re: Orbit Downloader DoS James Lay
Re: Issue with shared object rules Joel Esler
Re: Issue with shared object rules Anshuman Anil Deshmukh
Re: Issue with shared object rules Anshuman Anil Deshmukh
Re: Unable to detect port-specific DoS attack Mayur Patil
Re: Unable to detect port-specific DoS attack Mayur Patil
Re: Unable to detect port-specific DoS attack Gregory W. MacPherson

Thursday, 29 August

Stream5 and AIX tcp keepalive alert Антон Половцев
Re: smtp: ignore flow after STARTTLS if ignore_tls_data is set Bhagya Bantwal
PRISM ransomware rules Y M
snort with shorewall - recommendation Roland RoLaNd
Re: Issue with shared object rules Anshuman Anil Deshmukh
Re: Issue with shared object rules Joel Esler
Sourcefire VRT Certified Snort Rules Update 2013-08-29 Research
Snort.org Blog: Sourcefire VRT Certified Snort Rules Update for 08/29/2013 Joel Esler
Re: Snort.org Blog: Sourcefire VRT Certified Snort Rules Update for 08/29/2013 Jefferson, Shawn
Re: Snort.org Blog: Sourcefire VRT Certified Snort Rules Update for 08/29/2013 Joel Esler
@daq error socket operation not permitted anagha b
@daq error anagha b

Friday, 30 August

SMTP preprocessor: packet reassembly / fails to detect switch to TLS (STARTTLS) Bram
Re: @daq error Peter Bates
Re: @daq error socket operation not permitted Joel Esler
Snort EOL policy Peter Bates
Re: Stream5 and AIX tcp keepalive alert James Lay
@daq error anagha b
@DAQ error anagha b
Re: Snort EOL policy Joel Esler
Exclude IP Subnets and a IP address from a Specific rule Matt Brichetto
Re: Exclude IP Subnets and a IP address from a Specific rule James Lay
Re: Exclude IP Subnets and a IP address from a Specific rule Joel Esler
Re: Issue with shared object rules [solved] Anshuman Anil Deshmukh
Re: PRISM ransomware rules Y M
Re: Issue with shared object rules [solved] Joel Esler
Writing a snort rule with dynamic message! Hamid Reza Hasani

Saturday, 31 August

@unable to run snort anagha b
Re: Writing a snort rule with dynamic message! Joel Esler
Re: @unable to run snort Joel Esler

Monday, 02 September

Re: Unable to detect port-specific DoS attack Mayur Patil
@barnyard error anagha b
Re: @barnyard error Peter Bates
@barnyard error anagha b
Re: @barnyard error Peter Bates
snort configuration rem239
Re: snort configuration Joel Esler
rule definition Abid Ayoub
Re: rule definition Joel Esler
Re: rule definition mitesh.jadia
Re: rule definition Joel Esler
Re: snort configuration mitesh.jadia
HTTP preprocessor: TCP retransmissions of requests body causes (incorrect) alerts Bram
Re: Unable to detect port-specific DoS attack Mayur Patil
[snort-user] rule unable to detect port specific DoS attack Mayur Patil
@barnyard error anagha b

Tuesday, 03 September

Re: [snort-user] rule unable to detect port specific DoS attack Joel Esler
Re: [snort-user] rule unable to detect port specific DoS attack Mayur Patil
Re: [snort-user] rule unable to detect port specific DoS attack Mayur Patil
Cannot execute binary file SnortFan
Re: snort configuration rem239
Re: Cannot execute binary file SnortFan
Re: HTTP preprocessor: TCP retransmissions of requests body causes (incorrect) alerts Bhagya Bantwal
Re: SMTP preprocessor: packet reassembly / fails to detect switch to TLS (STARTTLS) Bhagya Bantwal
Re: [snort-user] rule unable to detect port specific DoS attack Mayur Patil
Re: HTTP preprocessor: TCP retransmissions of requests body causes (incorrect) alerts Bram
Re: [snort-user] rule unable to detect port specific DoS attack Joel Esler
Afpacket daq-2.0.1 snort Lawrence R. Hughes,Sr.
Sourcefire VRT Certified Snort Rules Update 2013-09-03 Research
Re: Cannot execute binary file SnortFan
Re: Cannot execute binary file James Lay
Re: [snort-user] rule unable to detect port specific DoS attack Mayur Patil
Re: Cannot execute binary file SnortFan

Wednesday, 04 September

[snort-user] Confused about so_rules Mayur Patil
Re: Unrecognised syslog facility/priority in snort Mayur Patil
Re: Cannot execute binary file James Lay
Re: [snort-user] Confused about so_rules Joel Esler
decoder: 'DECODE_ICMP4_TYPE_OTHER' alert, false positive? Bram
Re: [snort-user] rule unable to detect port specific DoS attack Wei Chea Ang
Re: Unrecognised syslog facility/priority in snort praveen_recker .
Bisonha C&C activity Paul Bottomley
Re: Bisonha C&C activity Joel Esler
pulledpork rule update 403 error Jeffrey J. Nucciarone
Re: pulledpork rule update 403 error Joel Esler
Re: Cannot execute binary file SnortFan
Re: Cannot execute binary file Joel Esler
Re: Cannot execute binary file James Lay
Re: Cannot execute binary file SnortFan
Re: Cannot execute binary file SnortFan
Re: Cannot execute binary file James Lay
Stream5: 'STREAM5_BAD_TIMESTAMP' alert, 'false' positives on delayed/out of order packets Bram
Question about SO Rule 3:21355 Jeremy Hoel
ftp USER packet processed twice in SnortFTP Reinoud Koornstra
@snort.u2 file size 0 bytes anagha b

Thursday, 05 September

Re: @snort.u2 file size 0 bytes Peter Bates
[snort-user] About packet content Mayur Patil
Snort Performance Julian Wiegmann
@barnyard error anagha b
Setting up IPS with Snort Kelevra Slevin
Re: Question about SO Rule 3:21355 Patrick Mullen
Re: Snort Performance Joel Esler
Re: Question about SO Rule 3:21355 Jeremy Hoel
Re: Question about SO Rule 3:21355 Joel Esler
Re: Setting up IPS with Snort Y M
Fwd: [snort-user] About packet content Mayur Patil
@snort.u2 file 0 bytes anagha b

Friday, 06 September

Re: Unrecognised syslog facility/priority in snort Mayur Patil
Performance monitoring issues Lee Saunders
[snort-user] invalid rules to parse Mayur Patil
Re: Performance monitoring issues Joel Esler
Re: Fwd: [snort-user] About packet content Joel Esler
Re: Fwd: [snort-user] About packet content Mayur Patil
Decoder: 'DECODE_IPV6_TRUNCATED' alert on DNS query (false positive) Bram
Re: Performance monitoring issues Lee Saunders
Re: Decoder: 'DECODE_IPV6_TRUNCATED' alert on DNS query (false positive) Victor Roemer
Re: Stream5: 'STREAM5_BAD_TIMESTAMP' alert, 'false' positives on delayed/out of order packets Victor Roemer
Re: decoder: 'DECODE_ICMP4_TYPE_OTHER' alert, false positive? Victor Roemer
Re: Unrecognised syslog facility/priority in snort praveen_recker .
Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ L0rd Ch0de1m0rt
Re: [Snort-sigs] Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ L0rd Ch0de1m0rt
Re: Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ Y M
Re: [Snort-sigs] Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ L0rd Ch0de1m0rt
Re: Fwd: [snort-user] About packet content Jefferson, Shawn
Re: [Snort-sigs] Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ L0rd Ch0de1m0rt
Re: [Snort-sigs] Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ Jeremy Hoel
Re: Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ Y M
Re: Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ Y M
Re: Webkit DoS -- سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ Joel Esler
Re: Fwd: [snort-user] About packet content Joel Esler
Re: Question about SO Rule 3:21355 Jeremy Hoel
Re: Question about SO Rule 3:21355 Joel Esler

Monday, 09 September

Re: SMTP preprocessor: packet reassembly / fails to detect switch to TLS (STARTTLS) Bhagya Bantwal
Re: ftp USER packet processed twice in SnortFTP Russ Combs
Re: snort configuration Russ Combs
Re: Stream5 and AIX tcp keepalive alert Russ Combs
how does sniffing use memory? Jason Haar
Re: how does sniffing use memory? Balasubramaniam Natarajan

Tuesday, 10 September

redBorder IPS Community 2.2.28 Released Jaime Nebrera
Re: redBorder IPS Community 2.2.28 Released James Lay
Re: ssh preprocessor does not whitelist ssh connections Bhagya Bantwal
Sourcefire VRT Certified Snort Rules Update 2013-09-10 Research

Wednesday, 11 September

Compile so rules in C language Mayur Patil
Re: Compile so rules in C language Mayur Patil
Warning after rules update Y M
Re: Warning after rules update Joel Esler
Re: Warning after rules update Y M
Proposed Signature for "VRT COMMUNITY Blackhole hex and wordlist initial landing and exploit path" lists () packetmail net
Potential Vulnerability Asiri Rathnayake
Re: [Snort-devel] Potential Vulnerability Joel Esler
Re: Proposed Signature for "VRT COMMUNITY Blackhole hex and wordlist initial landing and exploit path" Joel Esler
Trivial question Reinoud Koornstra
Can't get Identify open data channels to YES Reinoud Koornstra
PulledPork 0.7.0 - Swine Flu is Released! JJC
Snort exited on signal 6 Mike
Re: Snort exited on signal 6 sockstat

Thursday, 12 September

Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Snort exited on signal 6 Mike
Fwd: Compile so rules in C language Mayur Patil
Re: Performance monitoring issues Lee Saunders
Can snort analyze traffic from RSPAN port? Diana Patricia Chila Murcia
Re: Compile so rules in C language Patrick Mullen
Re: Compile so rules in C language Mayur Patil
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Russ Combs
Re: Can snort analyze traffic from RSPAN port? Russ Combs
Re: Can't get Identify open data channels to YES Joel Esler
Re: Snort exited on signal 6 Joel Esler
Re: Can snort analyze traffic from RSPAN port? Mike Hale
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Russ Combs
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Russ Combs
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Snort exited on signal 6 Russ Combs
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Russ Combs
Sourcefire VRT Certified Snort Rules Update 2013-09-12 Research
Re: Snort exited on signal 6 Russ Combs
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Russ Combs
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Re: Trivial question Russ Combs
Re: Trivial question Reinoud Koornstra
Re: Trivial question Russ Combs
Problem to configure DAQ on SNORT Kelevra Slevin
Re: Trivial question Reinoud Koornstra
Uknown Unicast Detector Jeff d'Ambly
Re: Uknown Unicast Detector Jeff d'Ambly
Re: Problem to configure DAQ on SNORT Kelevra Slevin

Friday, 13 September

Re: Problem to configure DAQ on SNORT Y M
Re: Problem to configure DAQ on SNORT Kelevra Slevin
Re: Problem to configure DAQ on SNORT vpiserchia () gmail com
Snort exited on signal 6 Michael M Galapchuk
I have a problem snort. Barnyard2 doesn't write log file to mysql. PLS HELP ME!!! Serikjan Nurgaiv
question about snort rules Fernando Villegas
Re: [Emerging-Sigs] Cisco acquires Sourcefire ... should we be worried? Kevin Ross
question about snort rules Fernando Villegas
I have a problem snort. Barnyard2 doesn't write log file to mysql. PLS HELP ME!!! serikjan nurgaiv
I have a problem snort. Barnyard2 doesn't write log file to mysql. PLS HELP ME!!! serikjan nurgaiv
Snort Unable To Write Unified2 Files Scott Pendlebury
Fwd: question about snort rules Fernando Villegas
Re: Question about SO Rule 3:21355 Jeremy Hoel
question about snort rules Fernando Villegas
Re: Problem to configure DAQ on SNORT Safwat
applying snort rules in ns2 Maryam

Sunday, 15 September

Dynamic Rule [x:yyyy] was not initialized properly Yossi Nachum
[snort-user] About Text rule parsing Mayur Patil

Monday, 16 September

Re: Snort exited on signal 6 Mike
Snort Payload not larger than 1439 Snort User
Re: Uknown Unicast Detector Jeff d'Ambly
Re: Snort exited on signal 6 sockstat
Snort 2.9.5.5 Now Available Snort Releases
Snort 2.9.5.5 Now Available Snort Releases
Re: Snort exited on signal 6 Russ Combs
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Russ Combs

Tuesday, 17 September

Re: Snort exited on signal 6 Mike
Sourcefire VRT Certified Snort Rules Update 2013-09-17 Research
Re: Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c Reinoud Koornstra
Sourcefire VRT Certified Snort Rules Update 2013-09-17 Research

Wednesday, 18 September

PulledPork Rules with Snort 2.9.2 Christian Gebler
Re: PulledPork Rules with Snort 2.9.2 Joel Esler
Problem Updating Rules with PulledPork Benjamin Lincoln
Re: Problem Updating Rules with PulledPork JJ Cummings
Re: decoder: 'DECODE_ICMP4_TYPE_OTHER' alert, false positive? Bram
Re: Stream5: RST handling + 'STREAM5_BAD_RST' alert Bram
Re: [PATCH] dnp3 preprocesser: message "WARNING: DNP3 memcap exceeded" logged too often Bram
Re: [PATCH] dnp3 preprocesser: message "WARNING: DNP3 memcap exceeded" logged too often Hui Cao
Re: Problem Updating Rules with PulledPork Michael Steele

Thursday, 19 September

snort does not send active response in passive mode Anton
HTTP GET's in UDP 19 James Lay
PulledPork / Modifysid.conf Issues Turnbough, Bradley E.
Re: Problem Updating Rules with PulledPork Michael Steele
Re: PulledPork / Modifysid.conf Issues JJC
Sourcefire VRT Certified Snort Rules Update 2013-09-19 Research
Re: PulledPork / Modifysid.conf Issues Y M
Re: PulledPork / Modifysid.conf Issues Turnbough, Bradley E.
Re: PulledPork / Modifysid.conf Issues beenph
Re: PulledPork / Modifysid.conf Issues Turnbough, Bradley E.
Re: snort does not send active response in passive mode Russ Combs
Re: Stream5: RST handling + 'STREAM5_BAD_RST' alert Russ Combs
Re: Stream5: RST handling + 'STREAM5_BAD_RST' alert Bram
Stream5: 'STREAM5_BAD_SEGMENT' alert: false positives? Bram
Re: Stream5: RST handling + 'STREAM5_BAD_RST' alert Russ Combs
Akamai NetSession James Lay
Re: Stream5: RST handling + 'STREAM5_BAD_RST' alert Bram
Re: snort does not send active response in passive mode Anton
Re: snort does not send active response in passive mode Anton

Friday, 20 September

Snort Sigs for 2.9.5.5 for registered users not available? Turnbough, Bradley E.
Re: Snort Sigs for 2.9.5.5 for registered users not available? Joel Esler
Re: Snort Sigs for 2.9.5.5 for registered users not available? Turnbough, Bradley E.
Re: Snort Sigs for 2.9.5.5 for registered users not available? Joel Esler
Re: [Snort-users] Snort Sigs for 2.9.5.5 for registered users not available? James Lay
BLYPT sigs James Lay
Caphaw sigs Y M

Saturday, 21 September

Re: Snort Sigs for 2.9.5.5 for registered users not available? wkitty42
nmap tcp connect scan prevention Meysam Farazmand
how to send snort alert with payload to syslog server? 강명훈
Re: nmap tcp connect scan prevention wkitty42
Re: how to send snort alert with payload to syslog server? wkitty42
Re: Caphaw sigs Joel Esler
Re: BLYPT sigs Joel Esler

Sunday, 22 September

DFA construction in Snort Maleeha N
enable_xff with Snort Balasubramaniam Natarajan
Re: enable_xff with Snort Balasubramaniam Natarajan

Monday, 23 September

Re: enable_xff with Snort Bhagya Bantwal
Re: enable_xff with Snort Balasubramaniam Natarajan
snort dead but subsys locked error Hanson.Webster
Re: snort dead but subsys locked error James Lay
Re: snort dead but subsys locked error Peter Bates
Re: DFA construction in Snort Hui Cao
Re: snort dead but subsys locked error Peter Bates
Error in Snort documentation online VideoDadUS
Percent ICMP traffic David Knutson
*.rules files empty Lukáš Vízner
Re: PulledPork / Modifysid.conf Issues Y M
Segfaults in Snort 2.9.5.3 Bill Bernsen
Re: [Emerging-Sigs] Cisco acquires Sourcefire ... should we be worried? Kevin Ross
Re: Percent ICMP traffic Vivek Rajagopalan
Dynamic Rule was not initilized properly Turnbough, Bradley E.
Re: Stream5: RST handling + 'STREAM5_BAD_RST' alert Russ Combs
Re: *.rules files empty Joel Esler
How to verify that snort has the latest rules Hanson.Webster
Re: Segfaults in Snort 2.9.5.3 Hui Cao
Re: Stream5: 'STREAM5_BAD_SEGMENT' alert: false positives? Russ Combs
Uptick in protocol stack testing scans James Lay
Snort rules snapshot archive? yordanos beyene
Re: *.rules files empty wkitty42
Re: Snort rules snapshot archive? wkitty42
Re: Snort rules snapshot archive? yordanos beyene

Tuesday, 24 September

[sonrt-user]About rule options Mayur Patil
Re: How to verify that snort has the latest rules JJC
Further Investigation Needed: FILE-FLASH Action InitArray stack overflow attempt Turnbough, Bradley E.
Re: Snort rules snapshot archive? Joel Esler
Re: Further Investigation Needed: FILE-FLASH Action InitArray stack overflow attempt Joel Esler
Re: [sonrt-user]About rule options Joel Esler
Re: *.rules files empty Joel Esler
Re: Further Investigation Needed: FILE-FLASH Action InitArray stack overflow attempt Turnbough, Bradley E.
Re: Further Investigation Needed: FILE-FLASH Action InitArray stack overflow attempt Turnbough, Bradley E.
Re: *.rules files empty JJ Cummings
Re: *.rules files empty JJ Cummings
Re: Snort rules snapshot archive? Miso Patel
testing Robert Bryant
Re: Enabling all the rules for testing using PulledPork? JJ Cummings
Re: Segfaults in Snort 2.9.5.3 Hui Cao
Sourcefire VRT Certified Snort Rules Update 2013-09-24 Research
Re: Enabling all the rules for testing using PulledPork? Michael Steele
Snort.org Blog: Sourcefire VRT Certified Snort Rules Update for 09/24/2013, Snort.conf updates Joel Esler
Re: Enabling all the rules for testing using PulledPork? Joel Esler
Re: Enabling all the rules for testing using PulledPork? JJ Cummings
Re: Snort rules snapshot archive? wkitty42
Re: Further Investigation Needed: FILE-FLASH Action InitArray stack overflow attempt Jeremy Hoel
Re: Snort rules snapshot archive? JeeHyun Hwang
Re: Snort rules snapshot archive? yordanos beyene
Re: Snort rules snapshot archive? Joel Esler
Re: Problem Updating Rules with PulledPork Michael Steele

Wednesday, 25 September

Re: Snort rules snapshot archive? Jeffrey Stebelton
Error on pulledpork Anshuman Anil Deshmukh
Re: Snort-users Digest, Vol 88, Issue 50 Aditya Prakash
Re: Error on pulledpork James Lay
pulledpork rules downlaod failing Hanson.Webster
Re: pulledpork rules downlaod failing James Lay
content-rule not matching with no_stream_inserts on 1st packet Florian Westphal
Win32/64 Napolar sig James Lay
Re: content-rule not matching with no_stream_inserts on 1st packet Hui Cao
Re: Win32/64 Napolar sig Nick Randolph
Re: Win32/64 Napolar sig James Lay
Re: Win32/64 Napolar sig James Lay
Re: Win32/64 Napolar sig James Lay

Thursday, 26 September

Re: Error on pulledpork Anshuman Anil Deshmukh
Re: [sonrt-user]About rule options Mayur Patil
Re: [sonrt-user]About rule options Russ Combs
Banload sigs Y M
Re: [sonrt-user]About rule options Mayur Patil
Re: Banload sigs Y M
Re: testing Russ Combs
Sourcefire VRT Certified Snort Rules Update 2013-09-26 Research
SnortID.com website Starner, Mark

Friday, 27 September

Suppression vs Disablesid Johnny Venter
Re: Suppression vs Disablesid Y M
Re: Suppression vs Disablesid Johnny Venter
Re: Error on pulledpork Anshuman Anil Deshmukh
Rule for filtering Telnet protocol Carlos Jimenez
Snort only produces Steam5 alerts Joe Seanor
Re: Snort exited on signal 6 Russ Combs
Re: Snort only produces Steam5 alerts James Lay
snort signature failed to prevent attack in inline mode Mitesh Jadia

Saturday, 28 September

Re: Snort exited on signal 6 Russ Combs
Re: Snort only produces Steam5 alerts Jefferson Diego Diede
Re: Error on pulledpork Joel Esler

Sunday, 29 September

Re: Banload sigs Joel Esler
Re: enable_xff with Snort Balasubramaniam Natarajan

Monday, 30 September

snort service keeps stopping Hanson.Webster
Re: snort service keeps stopping Peter Bates
Re: Win32/64 Napolar sig Nick Randolph
Error with attempt to monitor RF Monitor port mon0 /wifi David Saint Ruby
Re: Segfaults in Snort 2.9.5.3 Bill Bernsen
Enabling all the rules for testing using PulledPork? Michael Steele
Barnyard2 showing no records Greg Martin
Re: *.rules files empty Lukáš Vízner
Fwd: Error with attempt to monitor RF Monitor port mon0 /wifi David Saint Ruby
Re: Snort only produces Steam5 alerts Joel Esler
Re: Barnyard2 showing no records wkitty42
Re: [Snort-devel] snort signature failed to prevent attack in inline mode Edward Borgoyn
Re: Error with attempt to monitor RF Monitor port mon0 /wifi Edward Borgoyn

Previous period

Next period