Snort: by date

916 messages starting Jan 01 14 and ending Mar 31 14

Wednesday, 01 January

Re: Snort & Barnyard James
Re: Snort & Barnyard Ayodele Okeowo

Thursday, 02 January

How to activate Snort as IPS and other question sua yong
Re: Snort & Barnyard Joel Esler (jesler)

Friday, 03 January

Snort is not able to forward report to Base. Stephen Fernandis [IT Shared Services – Hub]
Re: Can snort dump full pcap of alert? Onno van der Leun
I am a newbie Fabien Delmotte
Re: Snort is not able to forward report to Base. Ayodele Okeowo
Re: Snort is not able to forward report to Base. Stephen Fernandis [IT Shared Services – Hub]
Re: I am a newbie waldo kitty
Re: Snort is not able to forward report to Base. waldo kitty
Re: Snort is not able to forward report to Base. Stephen Fernandis [IT Shared Services – Hub]
Re: I am a newbie Fabien Delmotte
Re: Snort is not able to forward report to Base. Ayodele Okeowo
Re: I am a newbie waldo kitty
Re: Snort is not able to forward report to Base. waldo kitty
Barebones Snort Install Thomas Hyslip
How to configure Snort to run with pf_ring sua yong

Saturday, 04 January

Re: How to configure Snort to run with pf_ring Doug Burks
Re: Snort is not able to forward report to Base. Doug Burks

Sunday, 05 January

Is it possible to compile Barnyard2 with MinGW/MSYS ResQue
Is it possible to compile Barnyard2 with MinGW/MSYS ResQue
Time out never expires - A 403 error occurred, please wait for the 15 minute timeout ResQue
Re: Time out never expires - A 403 error occurred, please wait for the 15 minute timeout waldo kitty

Monday, 06 January

Re: Time out never expires - A 403 error occurred, please wait for the 15 minute timeout Joel Esler (jesler)
Re: OPENFPC Proxy merge Kevin Ross
Re: OPENFPC Proxy merge Kevin Ross
Not receiving packets Wayne Andersen
[HITB-Announce] HITB Magazine Issue 10 Out Now Hafez Kamal
FATAL ERROR: /etc/snort/rules/file-office.rules(32) Undefined variable in the string: $EXTERNAL_NET. Jason Buker

Tuesday, 07 January

Re: FATAL ERROR: /etc/snort/rules/file-office.rules(32) Undefined variable in the string: $EXTERNAL_NET. Jeremy Hoel
Re: FATAL ERROR: /etc/snort/rules/file-office.rules(32) Undefined variable in the string: $EXTERNAL_NET. Jason Buker
Re: FATAL ERROR: /etc/snort/rules/file-office.rules(32) Undefined variable in the string: $EXTERNAL_NET. Jason Buker
Re: FATAL ERROR: /etc/snort/rules/file-office.rules(32) Undefined variable in the string: $EXTERNAL_NET. Jason Buker
Re: FATAL ERROR: /etc/snort/rules/file-office.rules(32) Undefined variable in the string: $EXTERNAL_NET. Joel Esler (jesler)
snort_sysconfig and snort.conf (UNCLASSIFIED) Wright, Jonathon S CTR (US)

Wednesday, 08 January

Snort Anomaly Mr Smith
[snort-devel] Dynamic Pre-process to decipher packet information Emiliano Fausto
outputting variables for analysts Long, Kerry S
Re: outputting variables for analysts Long, Kerry S
local update repositories amirhossein sabet
outputting variables for analysts Long, Kerry S
Fwd: Snort Anomaly Mr Smith
Sourcefire VRT Certified Snort Rules Update 2014-01-07 Research
Re: outputting variables for analysts Joel Esler (jesler)
Re: local update repositories Joel Esler (jesler)
Re: outputting variables for analysts Joel Esler (jesler)
Re: Snort Anomaly Kevin Ross
Snort CPU consumptions Balasubramaniam Natarajan
Re: Snort CPU consumptions Patrick Mullen
Rule message change 27875 Joseph Cooper
Re: Rule message change 27875 Joel Esler (jesler)
Re: Snort CPU consumptions waldo kitty
Re: Snort CPU consumptions Balasubramaniam Natarajan
Re: Snort CPU consumptions Balasubramaniam Natarajan

Thursday, 09 January

snort suddenly not capturing packets Ben Jacobs-Swearingen
Re: Snort Anomaly Doug Burks
Re: snort suddenly not capturing packets Carter Waxman (cwaxman)
Rule for initial TCP SYN packet Thomas Hyslip
Re: Rule for initial TCP SYN packet Markus Lude
Sourcefire VRT Certified Snort Rules Update 2014-01-09 Research
Re: Rule for initial TCP SYN packet Thomas Hyslip
Sensitive_data mask_output doesn't appear to be masking output James Lay

Friday, 10 January

Stream5 noisy syslog... Jeff Kell
[snort-devel] Creating a new variable into a preprocessor and using it in the rules engine Emiliano Fausto
Re: [snort-devel] Creating a new variable into a preprocessor and using it in the rules engine Emiliano Fausto
Re: Snort Anomaly Kevin Ross
Re: Snort Anomaly Kevin Ross

Saturday, 11 January

How to install Barnyard2 in Windows (without SQL option) sua yong

Sunday, 12 January

Alert based on website URL Feroz Basir

Monday, 13 January

Re: Bad range in Snort rules Lukas Matt
Re: Bad range in Snort rules Alex McDonnell
Re: Bad range in Snort rules Lukas Matt
Re: Alert based on website URL Nicholas Mavis (nmavis)
Re: Alert based on website URL Feroz Basir
Re: Bad range in Snort rules Alex McDonnell
Re: Alert based on website URL Nicholas Mavis (nmavis)
Re: Stream5 noisy syslog... Nicholas Mavis (nmavis)
Re: Stream5 noisy syslog... Jeff Kell
Re: Rule message change 27875 Y M
New rule offered for detecting Netgear password recovery rmkml
Re: New rule offered for detecting Netgear password recovery Antonin
Re: [snort-devel] Creating a new variable into a preprocessor and using it in the rules engine Emiliano Fausto
Re: Alert based on website URL Feroz Basir

Tuesday, 14 January

Re: [snort-devel] Dynamic Pre-process to decipher packet information Emiliano Fausto
Re: snort suddenly not capturing packets Ben Jacobs-Swearingen
Reported Libpcap 1.5.2 issues Joel Esler (jesler)
fast_pattern:only in rule 2101390 (GPL SHELLCODE x86 inc ebx NOOP)? Cyrille Bollu
Sourcefire VRT Certified Snort Rules Update 2014-01-14 Research

Wednesday, 15 January

Re: [snort-devel] Creating a new variable into a preprocessor and using it in the rules engine Emiliano Fausto
New rule offered for detecting Zimbra conf/localconfig.xml attempt rmkml

Thursday, 16 January

Re: Snort is not able to forward report to Base. William Rehnquyst
[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL Hafez Kamal
Sourcefire VRT Certified Snort Rules Update 2014-01-16 Research
Re: [Emerging-Sigs] New rule offered for detecting Zimbra conf/localconfig.xml attempt Will Metcalf
Re: Snort is not able to forward report to Base. waldo kitty

Friday, 17 January

unified2 alert files with trailing period and no appended timestamp? Mike Cox
Is Snort active in Active Response when it is in NIDS mode? sua yong
Re: Snort is not able to forward report to Base. William Rehnquyst
Re: unified2 alert files with trailing period and no appended timestamp? Bhagya Bantwal
Re: unified2 alert files with trailing period and no appended timestamp? Mike Cox
Re: Is Snort active in Active Response when it is in NIDS mode? Joel Esler (jesler)
Barnyard2 process quits when Output:alert_bro is enabled Jeremy Cox

Saturday, 18 January

snort installation and usage Adrian Sevcenco
Re: snort installation and usage waldo kitty
Re: snort installation and usage Adrian Sevcenco
Re: snort installation and usage waldo kitty

Sunday, 19 January

Snort appears to be successfully compiled, but I cannot run it. Gee Zany

Monday, 20 January

Re: Snort appears to be successfully compiled, but I cannot run it. Gee Zany
Re: Alert based on website URL Feroz Basir
Re: Snort appears to be successfully compiled, but I cannot run it. Jeremy Hoel
Content matching question James Lay
Re: Content matching question Joel Esler (jesler)
Re: Alert based on website URL Joel Esler (jesler)
Re: Content matching question James Lay
Re: Snort appears to be successfully compiled, but I cannot run it. waldo kitty
Re: Content matching question James Lay
Re: Snort appears to be successfully compiled, but I cannot run it. Joel Esler (jesler)

Tuesday, 21 January

Re: unified2 alert files with trailing period and no appended timestamp? Bhagya Bantwal
lots of false positives for "GPL SQL user name buffer overflow attempt" Cyrille Bollu
Re: lots of false positives for "GPL SQL user name buffer overflow attempt" Joel Esler (jesler)
Re: lots of false positives for "GPL SQL user name buffer overflow attempt" Cyrille Bollu
Re: lots of false positives for "GPL SQL user name buffer overflow attempt" rmkml
Re: Alert based on website URL Feroz Basir
Snort http_method not matching POST request on certain spanned networks James P
Re: Barnyard2 process quits when Output:alert_bro is enabled Jeremy Cox
non-standard ping messages Jefferson, Shawn
Re: non-standard ping messages James Lay
snort rules Shalvi Srivastava

Wednesday, 22 January

Re: snort rules Joel Esler (jesler)
Is it possible to setup inline mode with 1 NIC ? Gee Zany
create-sidmap.pl SnortFan
Re: Barnyard2 process quits when Output:alert_bro is enabled SnortFan
VRT Categories SnortFan
Re: VRT Categories Y M
Re: create-sidmap.pl Y M
Re: create-sidmap.pl SnortFan
Re: Is it possible to setup inline mode with 1 NIC ? Y M
Re: create-sidmap.pl Y M
Re: Snort appears to be successfully compiled, but I cannot run it. Y M
Re: VRT Categories SnortFan
Re: VRT Categories Y M
Re: VRT Categories SnortFan
Sourcefire VRT Certified Snort Rules Update 2014-01-22 Research
Re: Is it possible to setup inline mode with 1 NIC ? Gee Zany
Re: Is it possible to setup inline mode with 1 NIC ? waldo kitty
Re: Network cards for IPS & query related to PFRING Anshuman Anil Deshmukh

Thursday, 23 January

Pulledpork and proprocessor rules Dave Corsello
Re: Pulledpork and proprocessor rules SnortFan
A question on ethernet padding James Lay
Aurora Exploit Attempt Alert One Hour Delay LaTonya Hall
Re: Aurora Exploit Attempt Alert One Hour Delay waldo kitty
Re: Aurora Exploit Attempt Alert One Hour Delay Kevin Ross
Re: Aurora Exploit Attempt Alert One Hour Delay LaTonya Hall
Re: A question on ethernet padding Jeremy Hoel
Re: A question on ethernet padding James Lay
Re: A question on ethernet padding Jeremy Hoel
Re: A question on ethernet padding Jeremy Hoel
Re: A question on ethernet padding James Lay
Re: Pulledpork and proprocessor rules SnortFan
Snort 2.9.6 Now Available Snort Releases
Snort 2.9.6 Now Available Snort Releases
Re: VRT Categories Joel Esler (jesler)
Re: VRT Categories SnortFan
Re: Aurora Exploit Attempt Alert One Hour Delay Mike Miller
Re: Aurora Exploit Attempt Alert One Hour Delay Mike Miller
Re: Aurora Exploit Attempt Alert One Hour Delay Latonya Hall
Sourcefire VRT Certified Snort Rules Update 2014-01-23 Research
Re: Aurora Exploit Attempt Alert One Hour Delay Latonya Hall
Re: Aurora Exploit Attempt Alert One Hour Delay Eoin Miller
Re: Aurora Exploit Attempt Alert One Hour Delay Latonya Hall
Re: Aurora Exploit Attempt Alert One Hour Delay Joel Esler (jesler)
Re: Aurora Exploit Attempt Alert One Hour Delay James Lay
Vbs rat threat rules Feroz Basir
Notes for Community rule 29456 Jeremy Hoel
Re: Pulledpork and proprocessor rules Dave Corsello

Friday, 24 January

Services of Snort suddenly stop Stephen Fernandis [IT Shared Services – Hub]
Alerts where source and destination addresses equal 0.0.0.0 Cyrille Bollu
Feodo Botnet Lukas Matt
Re: Feodo Botnet James Lay
Re: Alerts where source and destination addresses equal 0.0.0.0 James Lay
Running snort on virtual machine Feroz Basir
Re: Feodo Botnet Arbeiter, Stefan (K-SIS-O/1)
Re: unified2 alert files with trailing period and no appended timestamp? Mike Cox
Re: Alerts where source and destination addresses equal 0.0.0.0 Cyrille Bollu
Re: Pulledpork and proprocessor rules SnortFan
Re: Pulledpork and proprocessor rules Lay, James
Re: Running snort on virtual machine SnortFan
Re: Pulledpork and proprocessor rules Dave Corsello
Re: Alerts where source and destination addresses equal 0.0.0.0 waldo kitty
consultation question simegnew yihunie
Re: consultation question Jeremy Hoel

Saturday, 25 January

Vbs rat threat rules Feroz Basir
Re: consultation question Jeremy Hoel
Is there something about pulledpork 0.7.0 I'm not getting? Tony Robinson

Sunday, 26 January

Re: Is there something about pulledpork 0.7.0 I'm not getting? Y M
Re: Is there something about pulledpork 0.7.0 I'm not getting? Tony Robinson
Re: Is there something about pulledpork 0.7.0 I'm not getting? simegnew yihunie
Re: Is there something about pulledpork 0.7.0 I'm not getting? waldo kitty
Thousands of alerts after upgrade Leo
Re: consultation question Ben Jacobs-Swearingen
Re: consultation question Russ Combs (rucombs)
Adding new fast pattern matching software SIVA KRISHNA GUDIVADA
Re: Thousands of alerts after upgrade SnortFan

Monday, 27 January

Re: Services of Snort suddenly stop Stephen Fernandis [IT Shared Services – Hub]
error while loading shared libraries: libdnet.1: SnortFan
How much of a stream(javascript) is actually blocked on event? Lil Evil
Re: error while loading shared libraries: libdnet.1: waldo kitty
Re: How much of a stream(javascript) is actually blocked on event? waldo kitty
Re: Vbs rat threat rules Feroz Basir
Re: Vbs rat threat rules Joel Esler (jesler)
Re: How much of a stream(javascript) is actually blocked on event? Joel Esler (jesler)

Tuesday, 28 January

EOL Page Updated???? Starner, Mark
Www.snort.org down? SnortFan
Re: Vbs rat threat rules Feroz Basir
Re: Www.snort.org down? Michael Brown
Re: Www.snort.org down? James Lay
Re: Www.snort.org down? James Lay
Re: Www.snort.org down? Y M
Re: Www.snort.org down? SnortFan
Re: [Snort-users] Vbs rat threat rules waldo kitty
Re: error while loading shared libraries: libdnet.1: SnortFan
Sourcefire VRT Certified Snort Rules Update 2014-01-28 Research
Re: Vbs rat threat rules Kevin Ross
Re: Www.snort.org down? Joel Esler (jesler)

Wednesday, 29 January

sid: 2012647 How to understand user upload file to the server, or download Сергей Малинкин
Linking this with that to create an alert James Lay
Re: Linking this with that to create an alert rmkml
Re: Linking this with that to create an alert James Lay

Thursday, 30 January

Sourcefire VRT Certified Snort Rules Update 2014-01-30 Research
2 questions about Stream5 handling of missing data John Eure
Minor snort patch file John Eure

Friday, 31 January

Re: Minor snort patch file Bhagya Bantwal
Re: Thousands of alerts after upgrade SnortFan
Problems with MPLS traffic Packet Hack

Saturday, 01 February

Re: getting sensitive-data cc# alert to fire jason
Re: Problems with MPLS traffic Steven Sturges
Barnyard2 problems with reputation preproc rules Dave Corsello
Re: Barnyard2 problems with reputation preproc rules beenph

Sunday, 02 February

AUTO: AYYILDIZ, Cihan is out of the office. (returning 10.02.2014) Cihan AYYILDIZ
Re: Barnyard2 problems with reputation preproc rules Dave Corsello
Re: Barnyard2 problems with reputation preproc rules beenph

Monday, 03 February

Re: getting sensitive-data cc# alert to fire jason
Re: getting sensitive-data cc# alert to fire James Lay
Re: getting sensitive-data cc# alert to fire jason
Re: Barnyard2 problems with reputation preproc rules Dave Corsello
Setting up Snort with router span port Michael Brown
Re: Barnyard2 problems with reputation preproc rules beenph
Re: 2 questions about Stream5 handling of missing data Russ Combs
Re: getting sensitive-data cc# alert to fire Joel Esler (jesler)
Re: getting sensitive-data cc# alert to fire waldo kitty
Re: getting sensitive-data cc# alert to fire rmkml
Re: Barnyard2 problems with reputation preproc rules Dave Corsello
Re: getting sensitive-data cc# alert to fire waldo kitty
Re: getting sensitive-data cc# alert to fire jason

Tuesday, 04 February

Re: getting sensitive-data cc# alert to fire Y M
Re: Setting up Snort with router span port Y M
Re: [Snort-sigs] sid: 2012647 How to understand user upload file to the server, or download Y M
Snort and OpenVPN Dmitry Korzhevin
Re: Snort and OpenVPN Kevin Ross
Re: Snort and OpenVPN Dmitry Korzhevin
Re: Snort and OpenVPN Dmitry Korzhevin
Trojan Linkup sig Y M
Re: Trojan Linkup sig Carlos Pacho
Sourcefire VRT Certified Snort Rules Update 2014-02-04 Research
Re: Trojan Linkup sig Y M
Re: 2 questions about Stream5 handling of missing data John Eure

Wednesday, 05 February

Rawbytes needed? James Lay
Re: Rawbytes needed? Y M
Re: Rawbytes needed? James Lay
New rule offered for detecting Ping NVidia rmkml

Thursday, 06 February

event id = 0 on all unified2 events Eugenio Pérez
Signature Description Oddness Starner, Mark
Re: event id = 0 on all unified2 events Jeremy Hoel
Sourcefire VRT Certified Snort Rules Update 2014-02-06 Research
Re: Signature Description Oddness Joel Esler (jesler)

Friday, 07 February

Can Snort work with erf file? Han Zhang
Re: 2 questions about Stream5 handling of missing data Russ Combs (rucombs)
adding IDMEF output logging to snort-2.9.5 Yasin
Re: snort Chipsy Patel
Re: Can Snort work with erf file? Joel Esler (jesler)
Re: snort Emiliano Fausto
Re: adding IDMEF output logging to snort-2.9.5 Sandro Poppi
Re: Can Snort work with erf file? Marcos Rodriguez
Re: Signature Description Oddness Joel Esler (jesler)
Re: Barnyard2 problems with reputation preproc rules Dave Corsello

Sunday, 09 February

[PATCH]: daq-2.0.2 doesn't build shared libs on FreeBSD 10.x Joshua Kinard
Re: [PATCH]: daq-2.0.2 doesn't build shared libs on FreeBSD 10.x Joshua Kinard
[PATCH]: Fix build on DragonFlyBSD 3.x Joshua Kinard

Monday, 10 February

Re: Barnyard2 problems with reputation preproc rules Dave Corsello
Rules with "Established" option, not working sami Sayko
Re: Rules with "Established" option, not working Joel Esler (jesler)
Re: Rules with "Established" option, not working sami Sayko
Re: Rules with "Established" option, not working Joel Esler (jesler)
Re: Rules with "Established" option, not working sami Sayko
Re: [Emerging-Sigs] New rule offered for detecting Ping NVidia Jeremy Hoel
RE : Re: [Emerging-Sigs] New rule offered for detecting Ping NVidia rmkml
Re: [Emerging-Sigs] New rule offered for detecting Ping NVidia Will Metcalf
Snort 2.9.6.0 rpm for RHEL6.x Feroz Basir
Re: Snort 2.9.6.0 rpm for RHEL6.x Jeremy Hoel
Re: Snort 2.9.6.0 rpm for RHEL6.x waldo kitty
Events vs. Alerts Thomas Hyslip

Tuesday, 11 February

Snort vs. Barnyard2 performance logging to a database Dubrawsky, Ido
Re: Snort vs. Barnyard2 performance logging to a database Y M
Re: Snort vs. Barnyard2 performance logging to a database dandantheitman
Re: Snort vs. Barnyard2 performance logging to a database Balasubramaniam Natarajan
sudo snort -Tc snort.conf failure David Montgomery
Re: sudo snort -Tc snort.conf failure David Montgomery
Re: sudo snort -Tc snort.conf failure Y M
Re: Events vs. Alerts Nicholas Mavis (nmavis)
Re: sudo snort -Tc snort.conf failure Nicholas Mavis (nmavis)
JackPOS sig James Lay
Re: getting sensitive-data cc# alert to fire jason
sfportscan not writing to BASE Richard Smollett
Sourcefire VRT Certified Snort Rules Update 2014-02-11 Research
Getting Incorrect URL Error Message for a working URL MMartin
Re: Getting Incorrect URL Error Message for a working URL MMartin
Re: JackPOS sig James Espinosa
Re: JackPOS sig James Lay
Re: JackPOS sig James Lay
Re: JackPOS sig Joel Esler (jesler)
Re: Getting Incorrect URL Error Message for a working URL Joel Esler (jesler)
Careto/Mask Rules Tony Robinson
Snort based on APIs Rodrigo Pimpão
Re: Getting Incorrect URL Error Message for a working URL MMartin
Re: Snort-users Digest, Vol 93, Issue 13 Aditya Prakash
Re: Snort-users Digest, Vol 93, Issue 9 Aditya Prakash

Wednesday, 12 February

Re: Careto/Mask Rules Joel Esler (jesler)
Re: Barnyard2 problems with reputation preproc rules Dave Corsello
Re: Barnyard2 problems with reputation preproc rules beenph
[Snort-Devel] SNORT Detection-Plugin just call once Emiliano Fausto
New rule offered for detecting Gameover a new ZeuS variant over smtp rmkml
Re: [Snort-Devel] SNORT Detection-Plugin just call once John Eure

Thursday, 13 February

Re: [Snort-Devel] SNORT Detection-Plugin just call once Emiliano Fausto
Re: [Snort-Devel] SNORT Detection-Plugin just call once Emiliano Fausto
Barnyard2 doesn't read alerts Daniele Gallarato
Re: Barnyard2 doesn't read alerts Joel Esler (jesler)
Re: Barnyard2 doesn't read alerts Daniele Gallarato
Re: Barnyard2 doesn't read alerts beenph
Sig thought (wpad) James Lay
Re: Sig thought (wpad) Jeremy Hoel
Sourcefire VRT Certified Snort Rules Update 2014-02-13 Research
Re: Sig thought (wpad) James Lay
Odd 2.6.0 compile error with disable-flexresp3 Jeremy Hoel
Re: snort configuration priya pat
adding IDMEF output logging to snort-2.9.5 Yasin
Please feedback me about history of Snort sou
Newbie install Snort on a MacBook Pro with Maverick litltbear
Re: snort configuration Michael Steele
Re: snort configuration waldo kitty
Re: Newbie install Snort on a MacBook Pro with Maverick Richard Harman Jr (rharmanj)
Cannot build Snort 2.9.5.6 with --enable-build-dynamic-examples option Hai Minh Nguyen
Re: Cannot build Snort 2.9.5.6 with--enable-build-dynamic-examples option 손은영

Friday, 14 February

Re: JackPOS sig Joel Esler (jesler)
Re: JackPOS sig James Lay
Re: Cannot build Snort 2.9.5.6 with--enable-build-dynamic-examples option Hai Minh Nguyen
Re: Cannot build Snort 2.9.5.6 with--enable-build-dynamic-examples option Russ Combs (rucombs)
Sourcefire VRT Certified Snort Rules Update 2014-02-14 Research
Re: Odd 2.6.0 compile error with disable-flexresp3 Joel Esler (jesler)
SMTP Backscatter Dave Corsello
Help with snort rule and notifications Trever Leingod

Saturday, 15 February

Ebury SSH Rootkit sig. Y M
Re: Help with snort rule and notifications SnortFan
Re: Ebury SSH Rootkit sig. Joel Esler (jesler)
Re: Ebury SSH Rootkit sig. Y M
flowbits check needed? Y M
Re: flowbits check needed? rmkml
Re: flowbits check needed? Y M
Re: SMTP Backscatter Jason Haar
Re: SMTP Backscatter waldo kitty
Re: [Snort-Devel] SNORT Detection-Plugin just call once John Eure
Re: Help with snort rule and notifications Trever Leingod
Re: Help with snort rule and notifications Jeremy Hoel

Sunday, 16 February

Re: SMTP Backscatter Dave Corsello
Re: SMTP Backscatter waldo kitty
Re: SMTP Backscatter Jeff Kell
Re: flowbits check needed? Joel Esler (jesler)
Re: flowbits check needed? Y M
Re: Help with snort rule and notifications Trever Leingod
Re: Sig thought (wpad) Jason Haar
Re: SMTP Backscatter waldo kitty

Monday, 17 February

Snort 2.9.6 and DPX 1.6 test error: undefined libversion Hai Minh Nguyen
Re: Cannot build Snort 2.9.5.6 with--enable-build-dynamic-examples option Hai Minh Nguyen
Snort Ebury SSH Rootkit Lukas Matt
Re: Snort Ebury SSH Rootkit Y M
Re: Snort Ebury SSH Rootkit Lukas Matt
Re: Snort Ebury SSH Rootkit Y M
Re: Snort Ebury SSH Rootkit rmkml
Re: [Snort-Devel] SNORT Detection-Plugin just call once Emiliano Fausto
Re: Problems with MPLS traffic Packet Hack
Re: Help with snort rule and notifications Carter Waxman (cwaxman)
Work Practices of Cyber Security Professionals Muhammad Adnan
Re-Compiling Snort? MMartin
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Russ Combs (rucombs)
Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor
Re: Re-Compiling Snort? Y M
Re: Re-Compiling Snort? Joel Esler (jesler)
Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs)
Re: Re-Compiling Snort? MMartin
FW: Help with snort rule and notifications Trever Leingod
Re: FW: Help with snort rule and notifications Carter Waxman (cwaxman)
Re: FW: Help with snort rule and notifications Trever Leingod
Re: FW: Help with snort rule and notifications Carter Waxman (cwaxman)
Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor
FW: FW: Help with snort rule and notifications Trever Leingod
Malicious ZenCart redirect sigs James Lay
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Hai Minh Nguyen
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Hai Minh Nguyen
[PATCH]: Fix IP Protocol variable data type in Stream5 Preprocessor Joshua Kinard
Re: [PATCH]: daq-2.0.2 doesn't build shared libs on FreeBSD 10.x Joshua Kinard
Re: [PATCH]: Fix build on DragonFlyBSD 3.x Joshua Kinard

Tuesday, 18 February

Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor
Re: Snort-devel Digest, Vol 91, Issue 13 Nicolae Paladi
Snort anomaly detection Mr Smith
Fwd: Snort anomaly detection Mr Smith
Re: FW: FW: Help with snort rule and notifications Carter Waxman (cwaxman)
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Russ Combs (rucombs)
[PATCH]: src/util.h: Add SnortStrtoull/SnortStrToU64 functions Joshua Kinard
Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs)
Unsubscribe Srinivas Kumar
Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor
Re: Enabling all the rules for testing using PulledPork? JJC
Allowing windows updates to pass through snort Doug Olitsky
Sourcefire VRT Certified Snort Rules Update 2014-02-18 Research
Re: Allowing windows updates to pass through snort Tony Reusser
Re: Allowing windows updates to pass through snort Tony Reusser
FW: Allowing windows updates to pass through snort Tony Reusser
Re: Malicious ZenCart redirect sigs Carlos Pacho
Preprocessor disabling question SnortFan
Re: Allowing windows updates to pass through snort waldo kitty
Question about ssh gobbles alert (128:1) Jeremy Hoel
Re: Question about ssh gobbles alert (128:1) Joel Esler (jesler)
Re: Question about ssh gobbles alert (128:1) Joel Esler (jesler)
Re: Preprocessor disabling question Joel Esler (jesler)
Re: Question about ssh gobbles alert (128:1) Jeremy Hoel
Re: Preprocessor disabling question SnortFan
Re: Preprocessor disabling question SnortFan
Question Behavior Mode Jorge Maravi
Re: FW: FW: Help with snort rule and notifications Trever Leingod
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Hai Minh Nguyen
Re: SMTP Backscatter Dave Corsello
Re: SMTP Backscatter waldo kitty

Wednesday, 19 February

Re: FW: FW: Help with snort rule and notifications Carter Waxman (cwaxman)
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Russ Combs (rucombs)
Problems with last gen-msg.map in rule set Budinich Galvez, Luis Alberto
Re: Problems with last gen-msg.map in rule set Heine Lysemose
Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Re: Snort failed to stay up after upgrade to 2.9.6.0 Jeremy Hoel
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Re: Snort failed to stay up after upgrade to 2.9.6.0 Jeremy Hoel
Re: Snort failed to stay up after upgrade to 2.9.6.0 Carter Waxman (cwaxman)
Re: Snort failed to stay up after upgrade to 2.9.6.0 Michael Brown
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Re: Snort failed to stay up after upgrade to 2.9.6.0 Jeremy Hoel
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Snort Alert [1:1000001:1] Angel Chiriboga Torres
Re: Snort failed to stay up after upgrade to 2.9.6.0 Jeremy Hoel
Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs)
Re: Snort failed to stay up after upgrade to 2.9.6.0 waldo kitty
Re: Snort Alert [1:1000001:1] Jeremy Hoel
Snort.org Blog: Open Source Community Meeting at RSA next week! Joel Esler (jesler)
Snort Standard out / error logging (UNCLASSIFIED) Wright, Jonathon S CTR (US)
Re: Snort Alert [1:1000001:1] Michael Brown
Re: [Snort-users] Snort.org Blog: Open Source Community Meeting at RSA next week! Joel Esler (jesler)
Re: Preprocessor disabling question Joel Esler (jesler)
Patch for Stream5 TCP direction John Eure
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Hai Minh Nguyen
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
[HITB-Announce] Haxpo CFP Hafez Kamal
Re: Snort failed to stay up after upgrade to 2.9.6.0 SnortFan
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Re: Snort failed to stay up after upgrade to 2.9.6.0 Jeremy Hoel

Thursday, 20 February

Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Receiving alerts for a disabled rule Anshuman Anil Deshmukh
Re: Patch for Stream5 TCP direction Carter Waxman (cwaxman)
Re: Receiving alerts for a disabled rule Joel Esler (jesler)
Re: Snort 2.9.6 and DPX 1.6 test error: undefined libversion Hai Minh Nguyen
Re: Snort failed to stay up after upgrade to 2.9.6.0 Richard Harman Jr (rharmanj)
Re: Snort failed to stay up after upgrade to 2.9.6.0 Bill Bernsen
How to activate all rules using PulledPork? Michael Steele
Sourcefire VRT Certified Snort Rules Update 2014-02-20 Research
Re: How to activate all rules using PulledPork? SnortFan
Re: Receiving alerts for a disabled rule SnortFan
Re: Snort failed to stay up after upgrade to 2.9.6.0 Feroz Basir
Re: Patch for Stream5 TCP direction John Eure

Friday, 21 February

file carving Long, Kerry S
Disablesid.conf and classtype SnortFan
Snort install Rule Problem Gierczak, Stan
Re: file carving Hui cao
Re: Snort install Rule Problem James Lay
SO rules and pulledpork Fred Maillou
Re: Disablesid.conf and classtype Juan Camilo Valencia
Re: Patch for Stream5 TCP direction Russ Combs (rucombs)
Re: Snort install Rule Problem Gierczak, Stan
Re: Disablesid.conf and classtype Joel Esler (jesler)
Re: Patch for Stream5 TCP direction John Eure

Saturday, 22 February

Re: Snort Ebury SSH Rootkit Y M
Re: Snort Ebury SSH Rootkit rmkml
Snort does not detect attacks Michal Šutta
Re: Snort does not detect attacks waldo kitty
Re: Snort Ebury SSH Rootkit Y M
Alan Nala Alan Nala

Sunday, 23 February

SO Rules Michal Šutta
(no subject) Michal Šutta
Snort rules Michal Šutta
Re: Snort Ebury SSH Rootkit Joel Esler (jesler)
Re: (no subject) Joel Esler (jesler)
Re: (no subject) Mike Miller

Monday, 24 February

I need an IDS that sends critical alerts by email Jeronimo L. Cabral
Re: I need an IDS that sends critical alerts by email Doug Burks
Re: Patch for Stream5 TCP direction Russ Combs (rucombs)
Choosing the best rules Michal Šutta
Re: How to activate all rules using PulledPork? SnortFan
Re: Choosing the best rules SnortFan
Re: Choosing the best rules Richard Harman Jr (rharmanj)
Re: Choosing the best rules James Lay
AUTO: AYYILDIZ, Cihan is out of the office. (returning 03.03.2014) Cihan AYYILDIZ

Tuesday, 25 February

Re: Patch for Stream5 TCP direction John Eure
DoS/DDoS :: Bandwidth Benefits Chinmay Mahata
Snort 2.9.7.0 Alpha is now available Snort Releases
Snort 2.9.7.0 Alpha is now available. Snort Releases
Defense center SnortFan
Re: Defense center Jeremy Hoel
Re: Defense center Richard Harman Jr (rharmanj)
Sourcefire VRT Certified Snort Rules Update 2014-02-25 Research
Enablesid question SnortFan

Wednesday, 26 February

Re: Enablesid question Joel Esler (jesler)
Re: Enablesid question SnortFan
Re: Disablesid.conf and classtype SnortFan
Re: I need an IDS that sends critical alerts by email Jeronimo L. Cabral
Re: I need an IDS that sends critical alerts by email Doug Burks
Re: Disablesid.conf and classtype SnortFan
Re: Disablesid.conf and classtype Joel Esler (jesler)
Opinions about SmoothSec distro containing Snort Jeronimo L. Cabral
Re: Snort 2.9.7.0 Alpha is now available Joshua Kinard

Thursday, 27 February

Sourcefire VRT Certified Snort Rules Update 2014-02-27 Research
Fwd: Snort 2.9.6.0 memory leak? Mirek Suliba
Re: Fwd: Snort 2.9.6.0 memory leak? Hui Cao (huica)
Re: Fwd: Snort 2.9.6.0 memory leak? Mirek Suliba
Re: Fwd: Snort 2.9.6.0 memory leak? Hui Cao (huica)
Re: Fwd: Snort 2.9.6.0 memory leak? Mirek Suliba
Re: Fwd: Snort 2.9.6.0 memory leak? waldo kitty
Re: Fwd: Snort 2.9.6.0 memory leak? Mirek Suliba

Friday, 28 February

Re: Fwd: Snort 2.9.6.0 memory leak? Hui Cao (huica)
Re: Receiving alerts for a disabled rule Anshuman Anil Deshmukh
Re: Fwd: Snort 2.9.6.0 memory leak? Mirek Suliba
Re: Fwd: Snort 2.9.6.0 memory leak? Hui cao
Re: Receiving alerts for a disabled rule SnortFan
Snort won't generate alerts with single snort.rules file Anacleto Junior
AF_Packet module Long, Kerry S
Re: Fwd: Snort 2.9.6.0 memory leak? Mirek Suliba
Re: Receiving alerts for a disabled rule waldo kitty
Snort IDS Monitoring a Proxy Server with Mode 4 Bonding Turnbough, Bradley E.
Re: Snort IDS Monitoring a Proxy Server with Mode 4 Bonding James Lay

Sunday, 02 March

TMG Firewall Client long host entry exploit attempt Carlos G Mendioroz
Snort 2.9.6.0 and number of rules Y M
Re: TMG Firewall Client long host entry exploit attempt Joel Esler (jesler)
Re: TMG Firewall Client long host entry exploit attempt Carlos G Mendioroz
Re: TMG Firewall Client long host entry exploit attempt Joel Esler (jesler)

Monday, 03 March

Re: TMG Firewall Client long host entry exploit attempt Carlos G Mendioroz
Re: TMG Firewall Client long host entry exploit attempt Joel Esler (jesler)
Re: TMG Firewall Client long host entry exploit attempt simegnew yihunie
Can't alert on most Michael Wisniewski

Tuesday, 04 March

SOHO Pharming sigs Jamie Riden
Re: TMG Firewall Client long host entry exploit attempt waldo kitty
Re: Can't alert on most waldo kitty
Sourcefire VRT Certified Snort Rules Update 2014-03-04 Research
Question - snort v2.9.6.0 rules Eray Balkanli
Re: Question - snort v2.9.6.0 rules Joel Esler (jesler)
Re: Can't alert on most Carlos G Mendioroz
Gamut Spambot sig James Lay
Re: TMG Firewall Client long host entry exploit attempt Patrick Mullen
Re: Can't alert on most Michael Wisniewski
Re: TMG Firewall Client long host entry exploit attempt Carlos G Mendioroz
Re: TMG Firewall Client long host entry exploit attempt Patrick Mullen
Re: TMG Firewall Client long host entry exploit attempt Carlos G Mendioroz
Re: Gamut Spambot sig James Lay
Re: Can't alert on most waldo kitty
Re: TMG Firewall Client long host entry exploit attempt Randal T. Rioux

Wednesday, 05 March

Re: Can't alert on most Carlos G Mendioroz
Regarding set wise pattern matcher sri harsha
Re: Can't alert on most Michael Wisniewski
order of processing of incoming packets in preprocessors of snort simegnew yihunie
Re: Can't alert on most Doug Burks
Re: Can't alert on most Michael Wisniewski
Re: order of processing of incoming packets in preprocessors of snort Hui Cao (huica)
Case sensitive fast pattern matches Mike Cox
Re: Regarding set wise pattern matcher Hui Cao (huica)
IPS and the alert file Avery Rozar
Re: order of processing of incoming packets in preprocessors of snort James Lay
Reputation IP Lists Turnbough, Bradley E.
Re: Reputation IP Lists James Lay
Re: Reputation IP Lists Turnbough, Bradley E.
Re: Case sensitive fast pattern matches Hui Cao (huica)
Re: Case sensitive fast pattern matches waldo kitty
Re: Can't alert on most waldo kitty
Re: Case sensitive fast pattern matches lists
IPS options James Lay
Re: IPS options waldo kitty
Re: IPS options Y M

Thursday, 06 March

Re: Snort 2.9.6.0 and number of rules Y M
Getting PF_RING to work on a vanilla driver with Snort Dheeraj Gupta
Re: IPS options James Lay
Re: IPS options Y M
Re: IPS options Russ Combs (rucombs)
Re: Snort 2.9.6.0 and number of rules Russ Combs (rucombs)
Re: IPS options James Lay
Re: Snort won't generate alerts with single snort.rules file Anacleto Junior
Re: RE : Snort won't generate alerts with single snort.rules file Anacleto Junior
Synology Diskstation Manager Reflected XSS sig James Lay
Re: Snort won't generate alerts with single snort.rules file waldo kitty
IP REP / Pulled Pork / Snort Difficulties Turnbough, Bradley E.
Re: IP REP / Pulled Pork / Snort Difficulties Y M
Re: Snort won't generate alerts with single snort.rules file Michael Wisniewski
Re: Snort won't generate alerts with single snort.rules file Joel Esler (jesler)
Re: Snort won't generate alerts with single snort.rules file Anacleto Junior
Can't find nfq DAQ James Lay
Re: Snort won't generate alerts with single snort.rules file Joel Esler (jesler)

Friday, 07 March

Re: Getting PF_RING to work on a vanilla driver with Snort Dheeraj Gupta
[PATCH]: Correctly detect the end of payload in base64_decode Joshua Kinard
Re: IP REP / Pulled Pork / Snort Difficulties Anshuman Anil Deshmukh
YNT: Question - snort v2.9.6.0 rules Eray Balkanli
Re: [PATCH]: Correctly detect the end of payload in base64_decode Hui Cao (huica)
home_net as source? Michael Wisniewski
Blocked Verdicts vs. Alerts Avery Rozar
Re: Can't find nfq DAQ James Lay
Re: Blocked Verdicts vs. Alerts Joel Esler (jesler)
Re: home_net as source? Jeremy Hoel
Typeset change logs SnortFan
Re: home_net as source? Turnbough, Bradley E.
Re: Blocked Verdicts vs. Alerts Avery Rozar
Re: Blocked Verdicts vs. Alerts Russ Combs (rucombs)
Re: Blocked Verdicts vs. Alerts Avery Rozar
Problems Enabling IPQ and NFQ MMartin
Re: IP REP / Pulled Pork / Snort Difficulties Y M
Re: Typeset change logs Y M
Re: Problems Enabling IPQ and NFQ Y M
Re: Problems Enabling IPQ and NFQ Hui cao
Re: Problems Enabling IPQ and NFQ MMartin
Re: Problems Enabling IPQ and NFQ MMartin
Re: Typeset change logs Joel Esler (jesler)
Re: Problems Enabling IPQ and NFQ MMartin
Re: Problems Enabling IPQ and NFQ James Lay
Re: [PATCH]: Correctly detect the end of payload in base64_decode Joshua Kinard

Saturday, 08 March

Re: Receiving alerts for a disabled rule Anshuman Anil Deshmukh
Re: home_net as source? Michael Wisniewski
Re: home_net as source? Jeremy Hoel
New tool: unlimited.py Tony Robinson

Sunday, 09 March

Re: [PATCH]: Correctly detect the end of payload in base64_decode Hui Cao (huica)
Re: [PATCH]: Correctly detect the end of payload in base64_decode Joshua Kinard
Copyright assignment on new source files in a patch? Joshua Kinard
İLT: Question - snort v2.9.6.0 rules Eray Balkanli
Re: Copyright assignment on new source files in a patch? Joel Esler (jesler)
Re: [PATCH]: Correctly detect the end of payload in base64_decode Joel Esler (jesler)
Re: [PATCH]: Correctly detect the end of payload in base64_decode Joshua Kinard
Re: [PATCH]: Correctly detect the end of payload in base64_decode Joel Esler (jesler)

Monday, 10 March

overload Snort Michal Šutta
Re: overload Snort Stark, Vernon L.
Re: IP REP / Pulled Pork / Snort Difficulties Turnbough, Bradley E.
Re: IP REP / Pulled Pork / Snort Difficulties Joel Esler (jesler)
Re: [PATCH]: Fix IP Protocol variable data type in Stream5 Preprocessor Carter Waxman (cwaxman)
Missing sanity checks in Snort-2.9.7.0-alpha in appid code. Bill Parker
Re: Missing sanity checks in Snort-2.9.7.0-alpha in appid code. Costas Kleopa (ckleopa)
Problems Enabling IPQ and NFQ MMartin
Re: İLT: Question - snort v2.9.6.0 rules Joel Esler (jesler)
Question about CPU affinity for interrupts Roger Campbell

Tuesday, 11 March

(no subject) basant subba
Snort + sfPortscan + Barnyard2 + Snorby Antonio Piepoli
Re: Problems Enabling IPQ and NFQ MMartin
Snort error Basant Subba
Re: Snort error lists () packetmail net
Re: Snort + sfPortscan + Barnyard2 Antonio Piepoli
Re: Snort + sfPortscan + Barnyard2 Maxwell, Jamison [HDS]
Snort + sfPortscan + Barnyard2 Maxwell, Jamison [HDS]
change syslog messages Budinich Galvez, Luis Alberto
Re: Snort + sfPortscan + Barnyard2 Antonio Piepoli
Re: change syslog messages MMartin
Re: Question about CPU affinity for interrupts Livio Ricciulli
Re: change syslog messages MMartin
Choosing Config detection - search-method Anacleto Junior
Re: Snort error waldo kitty
Re: Snort + sfPortscan + Barnyard2 + Snorby waldo kitty
Re: Snort + sfPortscan + Barnyard2 Maxwell, Jamison [HDS]
Re: change syslog messages waldo kitty
Sourcefire VRT Certified Snort Rules Update 2014-03-11 Research
Re: Snort + sfPortscan + Barnyard2 Antonio Piepoli
Re: Snort + sfPortscan + Barnyard2 beenph
Re: Question about CPU affinity for interrupts Roger Campbell
Simple rule to match /wp-admin/ Avery Rozar
AUTO: AYYILDIZ, Cihan is out of the office. (returning 17.03.2014) Cihan AYYILDIZ
Re: Question about CPU affinity for interrupts Livio Ricciulli
Re: Snort won't generate alerts with single snort.rules file SnortFan

Wednesday, 12 March

Re: Snort + sfPortscan + Barnyard2 Antonio Piepoli
hping3 flood detection Meysam Farazmand
Re: hping3 flood detection waldo kitty
Re: change syslog messages Budinich Galvez, Luis Alberto
snort configuration basant subba
Re: Snort + sfPortscan + Barnyard2 beenph
Re: Snort + sfPortscan + Barnyard2 Antonio Piepoli
Re: Snort won't generate alerts with single snort.rules file Anacleto Junior
Snort.org Blog: Open Source Community Webinar Joel Esler (jesler)
Re: Snort won't generate alerts with single snort.rules file SnortFan
Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: snort configuration Jeremy Hoel
Re: Snort Services Failed to Start Joel Esler (jesler)
[snort-devel] Patches to add error checking and replace legacy library calls in 2.9.7.0-alpha Bill Parker
Re: [snort-devel] Patches to add error checking and replace legacy library calls in 2.9.7.0-alpha Costas Kleopa (ckleopa)
Problem reading pcap files Bruno Andrade
tcpreplay simegnew yihunie

Thursday, 13 March

Re: Choosing Config detection - search-method Anacleto Junior
Sourcefire VRT Certified Snort Rules Update 2014-03-13 Research
Re: Snort won't generate alerts with single snort.rules file Anacleto Junior
[snort-devel] - additional error checking for calls in snort-2.9.7.0-alpha Bill Parker
patch for spp_normalize.c Gregory S Thomas

Friday, 14 March

Lot of errors with duplicated sids C. L. Martinez
Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
(no subject) JS
[Webinar-2014_03_14] ARF or WRF files Emiliano Fausto
Re: Lot of errors with duplicated sids Joel Esler (jesler)
Re: Lot of errors with duplicated sids C. L. Martinez
Re: [Webinar-2014_03_14] ARF or WRF files Joel Esler (jesler)
Re: [Webinar-2014_03_14] ARF or WRF files Emiliano Fausto
Sniffing Bonded Ports (Linux, mode=4) Turnbough, Bradley E.
Re: [snort-devel] - additional error checking for calls in snort-2.9.7.0-alpha Costas Kleopa (ckleopa)
Re: Snort Services Failed to Start waldo kitty
Fwd: Re: hping3 flood detection Meysam Farazmand
Re: Snort won't generate alerts with single snort.rules file SnortFan

Saturday, 15 March

Unexpected results with reputation preprocessor Dave Corsello

Sunday, 16 March

Whitelist port? Michael Wisniewski

Monday, 17 March

Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: Snort Services Failed to Start Russ Combs (rucombs)
Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: Snort Services Failed to Start Russ Combs (rucombs)
Re: Snort Services Failed to Start waldo kitty
Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: Snort Services Failed to Start Russ Combs (rucombs)
Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: Snort Services Failed to Start Russ Combs (rucombs)
Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: Snort Services Failed to Start Russ Combs (rucombs)
Re: Snort Services Failed to Start waldo kitty
Re: Snort Services Failed to Start Vona, Steven A CIV NSWCCD Philadelphia, 34117

Tuesday, 18 March

Sourcefire VRT Certified Snort Rules Update 2014-03-18 Research
Snort Configuration Nanda Vardhan
Snort Configuration Nanda Vardhan
Re: Snort Configuration waldo kitty

Wednesday, 19 March

Re: Snort Configuration Russ Combs (rucombs)
Re: Snort Configuration Nanda Vardhan
Re: Unexpected results with reputation preprocessor Dave Corsello
Re: Unexpected results with reputation preprocessor Joel Esler (jesler)
Re: Unexpected results with reputation preprocessor James Lay
Snort Inline mode with iptables problems on Ubuntu 12.04 Shiva
Re: Unexpected results with reputation preprocessor Dave Corsello
Re: Unexpected results with reputation preprocessor Dave Corsello
output alert_fast: is not anymore a pipe? Juan Camilo Valencia
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 Shivaramakrishnan Vaidyanathan
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 James Lay
Re: Unexpected results with reputation preprocessor James Lay
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 Shivaramakrishnan Vaidyanathan
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 James Lay
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 Shivaramakrishnan Vaidyanathan
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 Shivaramakrishnan Vaidyanathan
Re: Snort Configuration waldo kitty
Re: Unexpected results with reputation preprocessor Dave Corsello
SNORT daq modules question Shivaramakrishnan Vaidyanathan
Re: Unexpected results with reputation preprocessor Joel Esler (jesler)
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 James Lay
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 Shivaramakrishnan Vaidyanathan
Re: Unexpected results with reputation preprocessor Dave Corsello
Re: Snort Inline mode with iptables problems on Ubuntu 12.04 James Lay
Re: Unexpected results with reputation preprocessor Joel Esler (jesler)

Thursday, 20 March

Re: Snort Configuration Nanda Vardhan
getting a full copy of pcap for forensic purposes from Snort Long, Kerry S
Re: getting a full copy of pcap for forensic purposes from Snort Joel Esler (jesler)
Re: getting a full copy of pcap for forensic purposes from Snort Y M
Re: getting a full copy of pcap for forensic purpose from Snort Long, Kerry S
Re: getting a full copy of pcap for forensic purposes from Snort Y M
Re: getting a full copy of pcap for forensic purpose from Snort Jeremy Hoel
Snort 2.9.6 Configuration Nanda Vardhan
Sourcefire VRT Certified Snort Rules Update 2014-03-20 Research
Re: Snort 2.9.6 Configuration Mitesh Jadia
Sending alerts by email in real-time Jeronimo L. Cabral
Detect Credit Card number in attached file hosein izadi
Re: Snort Configuration waldo kitty
Snort 2.9.6.0 Packet Capturing Nanda Vardhan
Re: Sending alerts by email in real-time Doug Burks
Re: Detect Credit Card number in attached file Russ Combs (rucombs)
Subj: [snort-devel] lack of sanity checks for strdup/strndup() calls in 2.9.7.0-alpha Bill Parker
DRPA dataset basant subba

Friday, 21 March

Snort-2.9.6.0 Packet Capturing Nanda Vardhan
Re: Detect Credit Card number in attached file hosein izadi
Re: Snort-2.9.6.0 Packet Capturing Joel Esler (jesler)
Re: DRPA dataset Joel Esler (jesler)
Re: Subj: [snort-devel] lack of sanity checks for strdup/strndup() calls in 2.9.7.0-alpha Costas Kleopa (ckleopa)
Re: output alert_fast: is not anymore a pipe? Juan Camilo Valencia
Order of stream_size and dsize checks? Harley H
Re: Order of stream_size and dsize checks? Steven Sturges
Re: output alert_fast: is not anymore a pipe? Russ Combs (rucombs)
Re: Detect Credit Card number in attached file Russ Combs (rucombs)
Re: Detect Credit Card number in attached file hosein izadi
Re: Order of stream_size and dsize checks? Joel Esler (jesler)
Re: Order of stream_size and dsize checks? snort user
Re: Order of stream_size and dsize checks? Steven Sturges
Re: Order of stream_size and dsize checks? Joel Esler (jesler)
Re: Order of stream_size and dsize checks? Joshua Kinard
Order of Preprocessors Tony Robinson
CMD override HOME_NET Balasubramaniam Natarajan

Saturday, 22 March

Re: Snort-2.9.6.0 Packet Capturing Nanda Vardhan
Re: Snort-2.9.6.0 Packet Capturing praveen_recker .
Re: Snort-2.9.6.0 Packet Capturing Tony Robinson
Snort-2.9.6.0 Packet Capturing Nanda Vardhan

Sunday, 23 March

Packet Capturing Nanda Vardhan
Inline direction question for rules to work best Avery Rozar
HELP! stephanie sokhn
Re: Snort-2.9.6.0 Packet Capturing Anacleto Junior
Re: Snort-2.9.6.0 Packet Capturing praveen_recker .

Monday, 24 March

Re: Packet Capturing Russ Combs (rucombs)
Re: HELP! James Lay
event_filter by IP? William Rehnquyst
Re: Detect Credit Card number in attached file Russ Combs (rucombs)
Action based on certain event Turnbough, Bradley E.
Re: Detect Credit Card number in attached file hosein izadi
Re: Action based on certain event Turnbough, Bradley E.
Re: HELP! James Lay
Snort rules with openAppId feature Guillaume DALEUX
c0c0n 2014 | The cy0ps c0n - Call For Papers & Call For Workshops c0c0n International Information Security Conference

Tuesday, 25 March

Re: event_filter by IP? Nicholas Mavis (nmavis)
Sourcefire VRT Certified Snort Rules Update 2014-03-25 Research
Snort stephanie sokhn
Re: Snort James Lay
Re: event_filter by IP? Nicholas Mavis (nmavis)
Snort as a HIPS James Lay
Re: Snort as a HIPS Dave Corsello
Re: Snort as a HIPS James Lay

Wednesday, 26 March

Adding "drop" in the msg output. Avery Rozar
Basic snort setup for processing pcap produces no alerts Egon Kidmose
Re: Basic snort setup for processing pcap produces no alerts James Lay
RE : Basic snort setup for processing pcap produces no alerts rmkml
ignore dhcp traffic from modem/router Philip Beattie
Pulledpork and sid-msg.map Avery Rozar
Re: Pulledpork and sid-msg.map Jeremy Hoel
Re: ignore dhcp traffic from modem/router Jeremy Hoel
Re: Pulledpork and sid-msg.map Avery Rozar
Re: Pulledpork and sid-msg.map Jeremy Hoel
Encoded Rule Plugin SID: 16329, GID: 3 not registered properly. Disabling this rule. Vona, Steven A CIV NSWCCD Philadelphia, 34117
unified2 - multiple events and single packet question Jeff Sundquist
Re: Pulledpork and sid-msg.map Avery Rozar
What does Snort stand for? Josh Bitto
Re: unified2 - multiple events and single packet question Jeff Sundquist
Re: What does Snort stand for? Joel Esler (jesler)
Re: Adding "drop" in the msg output. Joel Esler (jesler)
Re: unified2 - multiple events and single packet question Joel Esler (jesler)
Re: Adding "drop" in the msg output. Jeremy Hoel
Re: Snort 2.9.6.0 and number of rules Y M
Re: Order of Preprocessors Y M
Re: Snort-2.9.6.0 Packet Capturing Y M
Re: Encoded Rule Plugin SID: 16329, GID: 3 not registered properly. Disabling this rule. Y M

Thursday, 27 March

Snort limitations Ayoub Abid
Re: Basic snort setup for processing pcap produces no alerts Egon Kidmose
Snort Event Types Turnbough, Bradley E.
Re: Snort Event Types Dave Corsello
Re: event_filter by IP? William Rehnquyst
Re: Snort Event Types James Lay
Re: Adding "drop" in the msg output. Avery Rozar
Sourcefire VRT Certified Snort Rules Update 2014-03-27 Research
Re: Detect Credit Card number in attached file Russ Combs (rucombs)
God of No Mercy Lee Kuan Yew and Teo En Ming Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Re: Detect Credit Card number in attached file hosein izadi
Re: Detect Credit Card number in attached file Russ Combs (rucombs)
Diff between max_queue and log (README.event_queue) Balasubramaniam Natarajan
Neutralization of an IPS stephanie sokhn
Re: Diff between max_queue and log (README.event_queue) Joel Esler (jesler)
Re: Diff between max_queue and log (README.event_queue) Nicholas Mavis (nmavis)
Invalid login attempts Anshuman Anil Deshmukh
[SNORT-DEVEL] Additional Credit/Debit Card Tracking Capability for 2.9.7.0-Alpha Bill Parker
Re: Snort limitations Nicholas Mavis (nmavis)
Segmentation fault while reloading configuration Hugo Vasconcelos Saldanha
Re: Snort limitations Stark, Vernon L.

Friday, 28 March

Re: Can't alert on most Gierczak, Stan
Re: Encoded Rule Plugin SID: 16329, GID: 3 not registered properly. Disabling this rule. Vona, Steven A CIV NSWCCD Philadelphia, 34117
Re: Snort Limitations Maxwell, Jamison [HDS]
Re: [SNORT-DEVEL] Additional Credit/Debit Card Tracking Capability for 2.9.7.0-Alpha Josh Rosenbaum (jrosenba)
ERSPAN Fernando Cardoso
Re: Segmentation fault while reloading configuration Josh Rosenbaum (jrosenba)
Re: Can't alert on most waldo kitty
Re: Encoded Rule Plugin SID: 16329, GID: 3 not registered properly. Disabling this rule. waldo kitty
Error 403 when downloading rules with pulledpork Joe Evango
Re: Snort limitations Nicholas Mavis (nmavis)
Re: Error 403 when downloading rules with pulledpork Joel Esler (jesler)
Question about xls trigger SnortFan
Re: Question about xls trigger James Lay
Re: Question about xls trigger Joel Esler (jesler)
Re: Question about xls trigger SnortFan
[SNORT-DEVEL] iban.c/iban.h code for possible use in snort-2.9.7.0-alpha Bill Parker
Port mirroring settings for SNORT basant subba
Re: Question about xls trigger Joel Esler (jesler)
Re: Port mirroring settings for SNORT waldo kitty

Monday, 31 March

Snorby Snort or Barnyard scrambles IPs Ilja Schumacher
Exception to a rule pulled by pulledpork Ilja Schumacher
Re: Snorby Snort or Barnyard scrambles IPs Jeremy Hoel
Re: Exception to a rule pulled by pulledpork Jeremy Hoel
Re: Invalid login attempts Anshuman Anil Deshmukh
Re: Port mirroring settings for SNORT Kevin Ross
Re: ERSPAN Russ Combs (rucombs)
Re: Detect Credit Card number in attached file hosein izadi
Re: Exception to a rule pulled by pulledpork waldo kitty
Re: Detect Credit Card number in attached file Russ Combs (rucombs)
Re: ERSPAN Fernando Cardoso
running more instances of snort Michal Šutta
Re: running more instances of snort James Lay
Re: running more instances of snort Livio Ricciulli
Re: running more instances of snort Michal Šutta
Re: running more instances of snort Russ Combs (rucombs)
Re: running more instances of snort Jeremy Hoel
Re: running more instances of snort Michal Šutta