Snort: by author
RSS Feed
About List
All Lists
Previous period
735 messages
starting Nov 17 14 and
ending Nov 10 14
Date index |
Thread index |
Author index
ahmed shafie
Problem in configuring snort for inserting events in sql database ahmed shafie (Nov 17)
Barnyard configuration problem ahmed shafie (Nov 22)
Alex McDonnell
Re: Shellshock CVE 2014-6271 Alex McDonnell (Oct 09)
Re: Snort-users Digest, Vol 101, Issue 41 Alex McDonnell (Oct 28)
Re: lots of alerts on so rule "possible DGA detected" Alex McDonnell (Nov 25)
Re: SID 29999 Alex McDonnell (Nov 06)
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Alex McDonnell (Oct 16)
Alex Tatistcheff
Protected content Alex Tatistcheff (Dec 15)
Re: Protected content Alex Tatistcheff (Dec 18)
Re: Protected content Alex Tatistcheff (Dec 15)
amin Salehi
snort rpc_decode amin Salehi (Nov 12)
Amtul Saboor
Re: Fwd: Issue Regarding Rate_filter Amtul Saboor (Nov 12)
Fwd: Issue Regarding Rate_filter Amtul Saboor (Nov 11)
Re-naming DPX File dpx.c Amtul Saboor (Nov 07)
Andre DiMino
Error 500 today? Andre DiMino (Dec 05)
Re: Error 500 today? Andre DiMino (Dec 15)
Re: Error 500 today? Andre DiMino (Dec 15)
Re: Slow snort startup, plus flowbit issues Andre DiMino (Oct 06)
Slow snort startup, plus flowbit issues Andre DiMino (Oct 06)
Anshuman Anil Deshmukh
Multiple errors on Snort Anshuman Anil Deshmukh (Dec 04)
Re: Multiple errors on Snort Anshuman Anil Deshmukh (Dec 05)
Unable to update signatures for 2.9.6.1 Anshuman Anil Deshmukh (Nov 16)
Argcyborg
Re: Daq module for wndows Argcyborg (Dec 08)
Daq module for wndows Argcyborg (Dec 08)
Avery Rozar
How can I remove redundant entries from the database? Avery Rozar (Nov 10)
bancfc
Snort string matching whitelist possible? bancfc (Oct 28)
Barry Bahrami
RDP attack vector in MS14-066 Barry Bahrami (Nov 20)
sig for RDP attack vector in MS14-066 Barry Bahrami (Nov 20)
Bhagya Bantwal (bbantwal)
Re: Email mime part data_state reassembly problem Bhagya Bantwal (bbantwal) (Dec 11)
Re: Snort 2.9.7.0 - probably memleak in HttpInspect Bhagya Bantwal (bbantwal) (Dec 09)
Bill Bernsen
Re: Startup Script (init.d) Bill Bernsen (Nov 13)
Re: Slow snort startup, plus flowbit issues Bill Bernsen (Oct 06)
Re: SNORT and Emulex DAG Bill Bernsen (Nov 14)
Re: Multiple Instances of SNORT Bill Bernsen (Oct 02)
Re: SNORT and Emulex DAG Bill Bernsen (Nov 13)
Re: SNORT and Emulex DAG Bill Bernsen (Nov 14)
Bill Parker
Lack of Sanity Checks in 'flow_control.cc' in Snort-3.0.0-a1 Bill Parker (Dec 12)
Addition to snort_manual.pdf Bill Parker (Dec 12)
Missing Sanity Check for fseek() in Snort-3.0.0-a1 Bill Parker (Dec 12)
Missing Sanity Check for calloc() in Snort-3.0.0-a1 (round 2) Bill Parker (Dec 12)
Compile Bug in FreeBSD 8.x with Snort-2.9.7.x Bill Parker (Nov 03)
Carter Waxman (cwaxman)
Re: Snort 2.9.7 is now available Carter Waxman (cwaxman) (Oct 23)
Re: Developing a TCP/IP connections statistics plugin Carter Waxman (cwaxman) (Oct 28)
Re: Snort 2.9.7.0 unable to find daq Carter Waxman (cwaxman) (Oct 30)
Re: protected_content and replace? Carter Waxman (cwaxman) (Oct 27)
Re: Snort 2.9.7.0 unable to find daq Carter Waxman (cwaxman) (Oct 30)
Re: ERSPAN and IDS Carter Waxman (cwaxman) (Oct 02)
Cary Townsend
Rules updates broken? Cary Townsend (Dec 10)
Re: Rules updates broken? Cary Townsend (Dec 12)
Re: Rules updates broken? Cary Townsend (Dec 12)
Re: Rules updates broken? Cary Townsend (Dec 15)
Ceejay Cervantes
Re: 93.184.215.200 black listed IP address Ceejay Cervantes (Oct 06)
93.184.215.200 black listed IP address Ceejay Cervantes (Oct 06)
Charlie Heselton
Re: Inline snort negative impact on network Charlie Heselton (Nov 13)
Inline snort negative impact on network Charlie Heselton (Nov 12)
Re: Inline snort negative impact on network Charlie Heselton (Nov 13)
Re: Snort inline afpaquet slow network Charlie Heselton (Nov 11)
Re: Inline snort negative impact on network Charlie Heselton (Nov 13)
Re: Inline snort negative impact on network Charlie Heselton (Nov 13)
Re: Inline snort negative impact on network Charlie Heselton (Nov 13)
chozy fachrul
Genetic Algorithm Integration to Snort in Debian 6 chozy fachrul (Oct 07)
Implementation Genetic Algorithm to Snort chozy fachrul (Oct 07)
C. L. Martinez
Re: lots of alerts on so rule "possible DGA detected" C. L. Martinez (Nov 25)
Status of Razorback project C. L. Martinez (Oct 26)
Change sid number with pulledpork C. L. Martinez (Oct 21)
Re: About syslog messages in snort C. L. Martinez (Nov 21)
Errors initializing Snort with netmap support C. L. Martinez (Oct 29)
Debug errors with Openappid and Snort 2.9.7.0 C. L. Martinez (Oct 29)
Re: Errors initializing Snort with netmap support C. L. Martinez (Nov 11)
Using OpenAppid generated info C. L. Martinez (Dec 02)
Re: Pulledpork doesn't creates sid-msg.map properly C. L. Martinez (Oct 13)
Re: About syslog messages in snort C. L. Martinez (Nov 21)
Re: Pulledpork doesn't creates sid-msg.map properly C. L. Martinez (Oct 13)
Re: Errors initializing Snort with netmap support C. L. Martinez (Oct 29)
Pulledpork doesn't creates sid-msg.map properly C. L. Martinez (Oct 13)
Re: Pulledpork doesn't creates sid-msg.map properly C. L. Martinez (Oct 13)
About syslog messages in snort C. L. Martinez (Nov 20)
Colony.Three
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 05)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 28)
Ignoring Backups - TCP Stateful? colony.three (Dec 03)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 27)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 05)
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 03)
ET SHELLCODE Possible Call with No Offset UDP Shellcode Colony.Three (Dec 08)
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 05)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 30)
Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 27)
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 04)
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 05)
Re: Ignoring Backups - TCP Stateful? Colony.Three (Dec 05)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 27)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Re: Modifying Rules Works One Direction, but Not T'Other colony.three (Nov 29)
Dan Rieille
SID 29999 Dan Rieille (Nov 06)
Dan Roberts
(smtp) Attempted response buffer overflow Dan Roberts (Dec 03)
David Bryant
Snort sigs for BlackEnergy v3 / lite David Bryant (Oct 10)
Deepak Yadav
The DAQ version does not support reload Deepak Yadav (Oct 03)
Dmitry Melekhov
error 500 last several days Dmitry Melekhov (Dec 11)
Doug Burks
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 05)
Re: pf_ring, openfpc, snort and snorby Doug Burks (Dec 03)
Re: SNORT-Multiple sensors+SNORBY Doug Burks (Nov 25)
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 05)
Re: Modifying Rules Works One Direction, but Not T'Other Doug Burks (Nov 29)
Re: Snorby usage Doug Burks (Nov 05)
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 04)
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 05)
Re: Modifying Rules Works One Direction, but Not T'Other Doug Burks (Nov 29)
Re: Modifying Rules Works One Direction, but Not T'Other Doug Burks (Nov 29)
Re: Rules updates broken? Doug Burks (Dec 11)
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 03)
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 05)
Re: Ignoring Backups - TCP Stateful? Doug Burks (Dec 05)
Re: Modifying Rules Works One Direction, but Not T'Other Doug Burks (Nov 29)
Re: Modifying Rules Works One Direction, but Not T'Other Doug Burks (Nov 30)
Re: Modifying Rules Works One Direction, but Not T'Other Doug Burks (Nov 29)
Duane Howard
many rules with good fast_pattern vs. single rule with pcre Duane Howard (Dec 29)
Ed Borgoyn (eborgoyn)
Re: byte_extract addition? Ed Borgoyn (eborgoyn) (Oct 09)
Re: Snort-devel Digest, Vol 99, Issue 3 Ed Borgoyn (eborgoyn) (Oct 09)
FW: hi Ed Borgoyn (eborgoyn) (Oct 07)
Edwin Smulders
Re: ipvar EXTERNAL_NET Edwin Smulders (Nov 18)
elof
Re: Rules updates broken? elof (Dec 11)
Error building snort 2.9.7.0 on FreeBSD elof (Nov 03)
Missing all dynamic files - snort won't start (fwd) elof (Nov 06)
Could not add event to decoderActionQ elof (Dec 11)
Re: Snort 3.0 Alpha 1 b130 Now Available elof (Dec 15)
Missing all dynamic files - snort won't start elof (Nov 05)
Re: Missing all dynamic files - snort won't start elof (Nov 10)
Re: Error building snort 2.9.7.0 on FreeBSD elof (Nov 03)
Re: Could not add event to decoderActionQ elof (Dec 17)
Re: Error building snort 2.9.7.0 on FreeBSD elof (Nov 03)
elof2
Re: Unable to kill a non-zombie process with -9 (fwd) elof2 (Oct 15)
Re: Unable to kill a non-zombie process with -9 elof2 (Oct 31)
Emilio Joel Macias
snort kvm network Emilio Joel Macias (Dec 21)
Eugeniu Babin
worms detection Eugeniu Babin (Dec 08)
Giancarlo Capone
Information Request about snort unix socket Giancarlo Capone (Oct 26)
Information Request about snort unix socket (unixSock) Giancarlo Capone (Oct 27)
Unix Socket problem to compile C code provided in README.UNSOCK file Giancarlo Capone (Nov 04)
Greg Kay
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Greg Kay (Oct 15)
SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Greg Kay (Oct 15)
greg . mcnathansonsnuf003
Re: negation of appid keyword greg . mcnathansonsnuf003 (Dec 03)
negation of appid keyword greg . mcnathansonsnuf003 (Dec 03)
Hafez Kamal
[HITB-Announce] #HITB2015AMS Call for Papers is Open Hafez Kamal (Dec 09)
Hanson.Webster
Unable to update Snort signatures Hanson.Webster (Oct 17)
Re: SNORT version lifecycle Hanson.Webster (Oct 20)
Unable to update Snort signatures Hanson.Webster (Oct 17)
Manually download and install Snort Rules updates Hanson.Webster (Oct 20)
SNORT version lifecycle Hanson.Webster (Oct 20)
Re: Manually download and install Snort Rules updates Hanson.Webster (Oct 20)
Re: SNORT version lifecycle Hanson.Webster (Oct 20)
Re: SNORT version lifecycle Hanson.Webster (Oct 20)
Heine Lysemose
Re: Cert error on snort.org Heine Lysemose (Dec 05)
Re: Cert error on snort.org Heine Lysemose (Dec 05)
hitesh menghani
Re: [Snort]Linux system non-accessible after sometime hitesh menghani (Oct 30)
[Snort]Linux system non-accessible after sometime hitesh menghani (Oct 28)
Hui cao
Re: Snort 2.9.7.0 enters into infinity loop getApplicationData Hui cao (Dec 02)
Re: Snort REACT Response Hui cao (Dec 02)
Re: Fwd: [Snort-users] ERROR: 'debug-pkts' is an invalid option to the 'config ppm:' configuration Hui cao (Oct 01)
Hui Cao (huica)
Re: Snort REACT Response Hui Cao (huica) (Dec 03)
Re: Problems configuring react: msg; Hui Cao (huica) (Nov 26)
Re: Snort 2.9.7.0 enters into infinity loop getApplicationData Hui Cao (huica) (Nov 24)
Hyunseok
Re: question about paf Hyunseok (Dec 18)
question about paf Hyunseok (Dec 18)
Iain Lorimer
Re: ipvar EXTERNAL_NET Iain Lorimer (Nov 19)
Snort not logging /VAR/LOG/SNORT alerts after Nessus scan Iain Lorimer (Nov 18)
Ian
Re: Barnyard2 and Snortsam for 2.9.7.0 Ian (Dec 15)
Jack Chuong
Need help about Snort - rate_filter Jack Chuong (Nov 24)
Jaime Blasco
Re: Help Regarding Snort : Capturing traffic in KDD cup 1999 dataset format. Jaime Blasco (Nov 05)
James
Re: [Snort-openappid] AppId quickstart James (Oct 24)
Re: where to find the README.* document files? James (Oct 25)
Re: AppId quickstart James (Oct 24)
AppId quickstart James (Oct 24)
James Espinosa
Re: [Emerging-Sigs] Wirelurker A and B James Espinosa (Nov 06)
James Lay
Re: Snort 2.9.7.0 unable to find daq James Lay (Oct 31)
Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules James Lay (Nov 11)
Re: Unknown rule option sip_header James Lay (Oct 01)
Re: Snort 2.9.7.0 unable to find daq James Lay (Oct 30)
Re: Snort with AFPacket James Lay (Nov 04)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules James Lay (Nov 11)
Re: PulledPork recent issue James Lay (Oct 09)
Re: Unable to update signatures for 2.9.6.1 James Lay (Nov 17)
Re: Some Snort beginner questions James Lay (Oct 31)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules James Lay (Nov 11)
Re: trouble with online mode James Lay (Dec 14)
Snort 2.9.7.0 unable to find daq James Lay (Oct 30)
Re: Snort with AFPacket James Lay (Nov 03)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules James Lay (Nov 11)
Unknown rule option sip_header James Lay (Oct 01)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules James Lay (Nov 11)
Re: Snort with AFPacket James Lay (Nov 03)
Re: [Emerging-Sigs] Malicious swf sig James Lay (Dec 10)
Re: PulledPork recent issue James Lay (Oct 09)
Feasibility question James Lay (Dec 04)
Re: Comparison of extracted value between packets James Lay (Dec 16)
Re: Feasibility question James Lay (Dec 04)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules James Lay (Nov 11)
PulledPork recent issue James Lay (Oct 09)
Re: PulledPork recent issue James Lay (Oct 09)
Malicious swf sig James Lay (Dec 10)
Re: Snort 2.9.7.0 unable to find daq James Lay (Oct 31)
Re: Unknown rule option sip_header James Lay (Oct 01)
Re: Unknown rule option sip_header James Lay (Oct 01)
Re: snort rpc_decode James Lay (Nov 12)
Re: Snort with AFPacket James Lay (Nov 03)
Re: Some Snort beginner questions James Lay (Nov 05)
Re: Unable to update Snort signatures James Lay (Oct 17)
Re: BPF Filters James Lay (Nov 14)
Re: PulledPork recent issue James Lay (Oct 09)
Re: Unknown rule option sip_header James Lay (Oct 01)
Re: 93.184.215.200 black listed IP address James Lay (Oct 06)
Re: Snort App Logs (not alerts) James Lay (Oct 16)
Wirelurker A and B James Lay (Nov 06)
Re: Snort with AFPacket James Lay (Nov 04)
Re: [Emerging-Sigs] Malicious swf sig James Lay (Dec 10)
Re: [Emerging-Sigs] Malicious swf sig James Lay (Dec 10)
Assist with FrameworkPOS sig James Lay (Oct 15)
Re: Assist with FrameworkPOS sig James Lay (Oct 15)
Re: [Emerging-Sigs] Wirelurker A and B James Lay (Nov 06)
Jamie Riden
Re: SID:32124 BLACKLIST Win.Backdoor.Upatre SSL Cert inbound Jamie Riden (Oct 13)
Jeremy Hoel
Re: Snort.org confirmation email Jeremy Hoel (Oct 07)
Re: pf_ring, openfpc, snort and snorby Jeremy Hoel (Dec 03)
Re: Unknown rule option sip_header Jeremy Hoel (Oct 01)
Re: Protected content Jeremy Hoel (Dec 15)
Re: What is URL of Signature and Rule Lookup? Jeremy Hoel (Oct 25)
Re: Unknown rule option sip_header Jeremy Hoel (Oct 01)
Re: Error 500 today? Jeremy Hoel (Dec 05)
Re: Proposed update to 1:28039 Jeremy Hoel (Dec 19)
Re: SNORT-Multiple sensors+SNORBY Jeremy Hoel (Nov 25)
Re: SNORT + PulledPork: FATAL ERROR: ... Invalid configuration line Jeremy Hoel (Dec 19)
Re: pf_ring, openfpc, snort and snorby Jeremy Hoel (Dec 02)
Re: Barnyard configuration problem Jeremy Hoel (Nov 22)
Re: Acidbase frontend does not show IPv6 alerts? Jeremy Hoel (Oct 14)
Jeremy Scott
SID 32186 Jeremy Scott (Oct 15)
Jeronimo L. Cabral
Custom signature question Jeronimo L. Cabral (Oct 08)
Jiahua Yu
Re: ERROR: 'debug-pkts' is an invalid option to the 'config ppm:' configuration Jiahua Yu (Oct 01)
Measuring the delay introduced by Snort Jiahua Yu (Oct 03)
ERROR: 'debug-pkts' is an invalid option to the 'config ppm:' configuration Jiahua Yu (Oct 01)
Measuring the delay caused by snort Jiahua Yu (Oct 06)
Jim Garrison
Latest snort/daq binaries for centos 6? Jim Garrison (Oct 23)
Some Snort beginner questions Jim Garrison (Oct 31)
"no return statement in function returning non-void" warnings when building snort Jim Garrison (Oct 23)
Re: Some Snort beginner questions Jim Garrison (Nov 05)
Joe Gedeon
Re: SID:32124 BLACKLIST Win.Backdoor.Upatre SSL Cert inbound Joe Gedeon (Oct 10)
SID:32124 BLACKLIST Win.Backdoor.Upatre SSL Cert inbound Joe Gedeon (Oct 10)
Re: SID:32124 BLACKLIST Win.Backdoor.Upatre SSL Cert inbound Joe Gedeon (Oct 13)
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Joe Gedeon (Oct 15)
Joel Cornett (jocornet)
Re: Snort Error Joel Cornett (jocornet) (Dec 19)
Re: Snort Error Joel Cornett (jocornet) (Dec 19)
Joel Esler
Re: How to port Snort with Android OS Joel Esler (Dec 23)
Re: Do you have port 443 in $HTTP_PORTS and ttp_inspect_server? Joel Esler (Nov 21)
Joel Esler (jesler)
Re: What is URL of Signature and Rule Lookup? Joel Esler (jesler) (Oct 25)
Snort Blog: Snort FAQ is now on Snort.org! Joel Esler (jesler) (Dec 01)
Re: snort syslog and barnyard2 Joel Esler (jesler) (Oct 01)
Re: config problem Joel Esler (jesler) (Dec 21)
Re: where to find the README.* document files? Joel Esler (jesler) (Oct 25)
Re: Issue with pcre Joel Esler (jesler) (Oct 06)
Re: Some Snort beginner questions Joel Esler (jesler) (Oct 31)
Re: What is URL of Signature and Rule Lookup? Joel Esler (jesler) (Oct 25)
Re: Process to submit bugs? Joel Esler (jesler) (Nov 03)
Re: worms detection Joel Esler (jesler) (Dec 08)
Re: SNORT version lifecycle Joel Esler (jesler) (Oct 20)
Re: Status of Razorback project Joel Esler (jesler) (Oct 27)
Re: Modifying Rules Works One Direction, but Not T'Other Joel Esler (jesler) (Nov 29)
Re: Change sid number with pulledpork Joel Esler (jesler) (Oct 21)
Re: Custom signature question Joel Esler (jesler) (Oct 09)
Re: Rules updates broken? Joel Esler (jesler) (Dec 12)
Re: snort syslog and barnyard2 Joel Esler (jesler) (Oct 01)
Re: Error 500 today? Joel Esler (jesler) (Dec 15)
Fwd: [Snort-users] ERROR: 'debug-pkts' is an invalid option to the 'config ppm:' configuration Joel Esler (jesler) (Oct 01)
Re: Rules updates broken? Joel Esler (jesler) (Dec 11)
Re: Example conf file missing for 2.9.7.0 in website Joel Esler (jesler) (Nov 03)
Re: PulledPork recent issue Joel Esler (jesler) (Oct 09)
Re: Sid 21858 Joel Esler (jesler) (Oct 15)
Re: Proposed update to 1:28039 Joel Esler (jesler) (Dec 22)
Re: Modifying Rules Works One Direction, but Not T'Other Joel Esler (jesler) (Nov 29)
Snort.org Joel Esler (jesler) (Dec 05)
Re: Daq module for wndows Joel Esler (jesler) (Dec 08)
Re: Daq module for wndows Joel Esler (jesler) (Dec 09)
Re: Snort-devel Digest, Vol 99, Issue 6 Joel Esler (jesler) (Oct 22)
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Joel Esler (jesler) (Oct 15)
Re: Issue with pcre Joel Esler (jesler) (Oct 06)
Re: Help Regarding Snort : Capturing traffic in KDD cup 1999 dataset format. Joel Esler (jesler) (Nov 05)
Re: Rules updates broken? Joel Esler (jesler) (Dec 15)
Re: Problem with Content rule option Joel Esler (jesler) (Dec 17)
Re: Error 500 today? Joel Esler (jesler) (Dec 15)
Re: APT28 Snort Signatures Joel Esler (jesler) (Oct 28)
Re: Example conf file missing for 2.9.7.0 in website Joel Esler (jesler) (Nov 03)
Re: Get Invalid Configuration in blacklist.rules when restart Snort Joel Esler (jesler) (Oct 06)
Re: many rules with good fast_pattern vs. single rule with pcre Joel Esler (jesler) (Dec 29)
Re: Unknown rule option sip_header Joel Esler (jesler) (Oct 01)
Re: Poodle Signatures Joel Esler (jesler) (Oct 28)
Re: Slow snort startup, plus flowbit issues Joel Esler (jesler) (Oct 06)
Re: Sourcefire VRT Certified Snort Rules Update 2014-10-30 Joel Esler (jesler) (Oct 30)
Re: SID:32124 BLACKLIST Win.Backdoor.Upatre SSL Cert inbound Joel Esler (jesler) (Oct 13)
Re: Debug errors with Openappid and Snort 2.9.7.0 Joel Esler (jesler) (Oct 29)
Re: Snort 3.0 Alpha 1 b130 Now Available Joel Esler (jesler) (Dec 11)
Re: Snort Error Joel Esler (jesler) (Dec 19)
Re: What is URL of Signature and Rule Lookup? Joel Esler (jesler) (Oct 25)
Re: SNORT version lifecycle Joel Esler (jesler) (Oct 20)
Re: negation of appid keyword Joel Esler (jesler) (Dec 03)
Re: Get Invalid Configuration in blacklist.rules when restart Snort Joel Esler (jesler) (Oct 06)
Re: CVE-2014-8104 Joel Esler (jesler) (Dec 04)
Re: Rules updates broken? Joel Esler (jesler) (Dec 12)
Re: Snort's capabilities Joel Esler (jesler) (Dec 10)
Re: SID:32124 BLACKLIST Win.Backdoor.Upatre SSL Cert inbound Joel Esler (jesler) (Oct 10)
Re: Snort sigs for BlackEnergy v3 / lite Joel Esler (jesler) (Oct 10)
Re: AppId quickstart Joel Esler (jesler) (Oct 24)
Re: Feasibility question Joel Esler (jesler) (Dec 04)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules Joel Esler (jesler) (Nov 11)
Re: Fast Pattern Matcher not using http_raw_* content strings? Joel Esler (jesler) (Oct 01)
Re: Barnyard2 and Snortsam for 2.9.7.0 Joel Esler (jesler) (Dec 15)
Re: Snort++ Extras Joel Esler (jesler) (Dec 16)
Re: Unable to update Snort signatures Joel Esler (jesler) (Oct 17)
Re: NTP rule? Joel Esler (jesler) (Dec 23)
Re: 93.184.215.200 black listed IP address Joel Esler (jesler) (Oct 06)
Re: Snort 3.0 Alpha 1 b130 Now Available Joel Esler (jesler) (Dec 15)
Re: Information Request about snort unix socket (unixSock) Joel Esler (jesler) (Oct 27)
Re: Example conf file missing for 2.9.7.0 in website Joel Esler (jesler) (Nov 05)
Re: fast_pattern not always longest content string by default? Joel Esler (jesler) (Oct 23)
Re: 93.184.215.200 black listed IP address Joel Esler (jesler) (Oct 06)
Re: NTP rule? Joel Esler (jesler) (Dec 23)
Joey Moe
Re: Snort, barnyard2, snorby issue Joey Moe (Oct 03)
Snort, barnyard2, snorby issue Joey Moe (Oct 03)
John Babio
vlan agnostic not working John Babio (Nov 04)
John Hally
Re: snort syslog and barnyard2 John Hally (Oct 01)
snort syslog and barnyard2 John Hally (Oct 01)
John York
NTP rule? John York (Dec 23)
José Luis Rodríguez Rodríguez
predefined rules José Luis Rodríguez Rodríguez (Oct 15)
Josh Rosenbaum (jrosenba)
Re: dpx-1.6 / snort 2.9.7.0 problem? Josh Rosenbaum (jrosenba) (Nov 07)
Re: fast_pattern not always longest content string by default? Josh Rosenbaum (jrosenba) (Oct 22)
Re: Missing all dynamic files - snort won't start Josh Rosenbaum (jrosenba) (Nov 10)
Re: Trying to develop a systemd snort script, running into errors removing/creating pid files Josh Rosenbaum (jrosenba) (Oct 23)
Re: Stream6 PAF callback function sharing (void **user) argument issue. Josh Rosenbaum (jrosenba) (Nov 06)
Re: fast_pattern not always longest content string by default? Josh Rosenbaum (jrosenba) (Dec 09)
Joshua Kinard
protected_content and replace? Joshua Kinard (Oct 25)
Re: fast_pattern not always longest content string by default? Joshua Kinard (Oct 22)
Re: protected_content and replace? Joshua Kinard (Oct 27)
Joyabrata Ghosh
barnyard2: Unable to open directory '/var/log/snort' and Unable to find the next spool file! Joyabrata Ghosh (Nov 11)
Juan Jesus Prieto
Re: troubleshooting dead snort Juan Jesus Prieto (Dec 16)
Re: Multiple Instances of SNORT Juan Jesus Prieto (Oct 03)
Jutichai Thongkrachai
Re: Get Invalid Configuration in blacklist.rules when restart Snort Jutichai Thongkrachai (Oct 06)
Get Invalid Configuration in blacklist.rules when restart Snort Jutichai Thongkrachai (Oct 05)
Snort doesn't generate unified2 alert log Jutichai Thongkrachai (Oct 07)
Re: What is URL of Signature and Rule Lookup? Jutichai Thongkrachai (Oct 25)
Which NIC Offload Properties should I turn them on or off to make Snort logging work? Jutichai Thongkrachai (Oct 01)
Re: What is URL of Signature and Rule Lookup? Jutichai Thongkrachai (Oct 25)
Re: Get Invalid Configuration in blacklist.rules when restart Snort Jutichai Thongkrachai (Oct 07)
What is URL of Signature and Rule Lookup? Jutichai Thongkrachai (Oct 25)
Re: A size of log file is zero although there is an attack Jutichai Thongkrachai (Oct 03)
kestutis.malakauskas
Re: lots of alerts on so rule "possible DGA detected" kestutis.malakauskas (Nov 25)
kruti choksi
Re: Help Regarding Snort : Capturing traffic in KDD cup 1999 dataset format. kruti choksi (Nov 05)
Help Regarding Snort : Capturing traffic in KDD cup 1999 dataset format. kruti choksi (Nov 05)
Kurzawa, Kevin
Re: How many rules read / active? Kurzawa, Kevin (Nov 07)
Re: Snort App Logs (not alerts) Kurzawa, Kevin (Oct 16)
Snort App Logs (not alerts) Kurzawa, Kevin (Oct 16)
Re: Snort App Logs (not alerts) Kurzawa, Kevin (Oct 16)
Re: Port problems in a rule Kurzawa, Kevin (Oct 20)
Port problems in a rule Kurzawa, Kevin (Oct 17)
L0rd Ch0de1m0rt
Do you have port 443 in $HTTP_PORTS and http_inspect_server? L0rd Ch0de1m0rt (Nov 21)
Leo Miao
Poodle Signatures Leo Miao (Oct 28)
Leon Ward (leonward)
Re: pf_ring, openfpc, snort and snorby Leon Ward (leonward) (Dec 05)
lists
Re: Issue with pcre lists (Oct 06)
Re: Issue with pcre lists (Oct 06)
Re: Issue with pcre lists (Oct 06)
Re: Issue with pcre lists (Oct 06)
Re: Issue with pcre lists (Oct 06)
Re: Issue with pcre lists (Oct 06)
lists () packetmail net
Re: Unable to update Snort signatures lists () packetmail net (Oct 17)
Re: File size lists () packetmail net (Oct 30)
Livio Ricciulli
Re: troubleshooting dead snort Livio Ricciulli (Dec 16)
Lukas Matt
Shellshock CVE 2014-6271 Lukas Matt (Oct 09)
Re: Shellshock CVE 2014-6271 Lukas Matt (Oct 09)
CVE-2014-8104 Lukas Matt (Dec 04)
Marcelo Garcia
Re: Acidbase frontend does not show IPv6 alerts? Marcelo Garcia (Oct 15)
Acidbase frontend does not show IPv6 alerts? Marcelo Garcia (Oct 13)
Mark Greenman
Problem with Content rule option Mark Greenman (Dec 17)
Fwd: Problem with Content rule option Mark Greenman (Dec 19)
snort daqs capabilities Mark Greenman (Dec 08)
Problem with content option Mark Greenman (Dec 28)
http_inspect works incorrectly Mark Greenman (Dec 13)
Marty Roesch (maroesch)
Re: SPADE preprocessor Marty Roesch (maroesch) (Oct 08)
Matheus Condi'ez
Re: pf_ring, openfpc, snort and snorby Matheus Condi'ez (Dec 05)
Re: pf_ring, openfpc, snort and snorby Matheus Condi'ez (Dec 03)
Re: Snort, barnyard2, snorby issue Matheus Condi'ez (Dec 21)
Re: pf_ring, openfpc, snort and snorby Matheus Condi'ez (Dec 05)
Re: pf_ring, openfpc, snort and snorby Matheus Condi'ez (Dec 03)
pf_ring, openfpc, snort and snorby Matheus Condi'ez (Dec 02)
McGlamery, Russell
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm McGlamery, Russell (Oct 15)
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm McGlamery, Russell (Oct 15)
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm McGlamery, Russell (Oct 15)
Michael Altizer
Re: Snort 2.9.7 is now available Michael Altizer (Nov 11)
Re: Snort missing C99 patch Michael Altizer (Nov 21)
Re: Crash while running snort-3.0.0-a1 with netmap Michael Altizer (Dec 15)
Re: Errors initializing Snort with netmap support Michael Altizer (Nov 13)
Re: Compile Bug in FreeBSD 8.x with Snort-2.9.7.x Michael Altizer (Nov 11)
Re: Errors initializing Snort with netmap support Michael Altizer (Nov 11)
Re: Snort missing C99 patch Michael Altizer (Nov 21)
Re: Compile Bug in FreeBSD 8.x with Snort-2.9.7.x Michael Altizer (Nov 14)
Michael Steele
BASE 1.4.5 - browsing Previous and Next events not working? Michael Steele (Oct 11)
Michael Wisniewski
Re: Snort.org Michael Wisniewski (Dec 05)
Cert error on snort.org Michael Wisniewski (Dec 05)
Mike Cox
Re: Fast Pattern Matcher not using http_raw_* content strings? Mike Cox (Oct 01)
Re: fast_pattern not always longest content string by default? Mike Cox (Dec 02)
byte_extract addition? Mike Cox (Oct 09)
Variables don't need dollar sign in sig? Mike Cox (Nov 13)
Re: fast_pattern not always longest content string by default? Mike Cox (Oct 23)
fast_pattern not always longest content string by default? Mike Cox (Oct 22)
Re: fast_pattern not always longest content string by default? Mike Cox (Nov 12)
Mitesh Jadia
Stream6 PAF callback function sharing (void **user) argument issue. Mitesh Jadia (Nov 03)
Re: how to use stream5 reassembler to reassemble tcp packet? Mitesh Jadia (Nov 06)
Re: Regular Expression Matching in Snort Rules Mitesh Jadia (Oct 16)
Email mime part data_state reassembly problem Mitesh Jadia (Dec 08)
Re: Regular Expression Matching in Snort Rules Mitesh Jadia (Oct 16)
ML mail
S5: Pruned session from cache that was using X bytes (stale/timeout). ML mail (Oct 13)
Mohammed Sahib
SNORT-Multiple sensors+SNORBY Mohammed Sahib (Nov 25)
Mohiuddin Ebna Kawsar
how to use stream5 reassembler to reassemble tcp packet? Mohiuddin Ebna Kawsar (Nov 06)
mohsen Abbaspour
hi mohsen Abbaspour (Oct 11)
hi mohsen Abbaspour (Oct 07)
mongi . benali
snort inline install mongi . benali (Dec 29)
Muhammad Ridwan Zalbina
Re: Snort-devel Digest, Vol 98, Issue 7 Muhammad Ridwan Zalbina (Oct 01)
Snort and core rules Muhammad Ridwan Zalbina (Oct 16)
Re: Snort-devel Digest, Vol 99, Issue 3 Muhammad Ridwan Zalbina (Oct 08)
Re: Snort-devel Digest, Vol 99, Issue 6 Muhammad Ridwan Zalbina (Oct 22)
Re: Snort-devel Digest, Vol 99, Issue 6 Muhammad Ridwan Zalbina (Oct 22)
Muhammad Talha Abdul Rashid
Fwd: Rules for detecting IEC61850 GOOSE messages Muhammad Talha Abdul Rashid (Dec 14)
Rules for detecting IEC61850 GOOSE messages Muhammad Talha Abdul Rashid (Dec 14)
Nicholas Horton
Snort Rule Nicholas Horton (Oct 26)
Snort Rule Nicholas Horton (Oct 26)
Nick Randolph
Re: byte_test/byte_jump negative offsets Nick Randolph (Dec 22)
Re: SID 32186 Nick Randolph (Oct 15)
Nicolas Greneche
snaplen has no effect on "ip dgm len > captured len" Nicolas Greneche (Oct 20)
Oscar A
sig-id 1:26848:3 Oscar A (Oct 30)
Re: Sid 21858 Oscar A (Oct 15)
Re: File size Oscar A (Oct 30)
File size Oscar A (Oct 30)
Re: Sourcefire VRT Certified Snort Rules Update 2014-10-30 Oscar A (Oct 30)
Sid 21858 Oscar A (Oct 15)
Re: Sourcefire VRT Certified Snort Rules Update 2014-10-30 Oscar A (Oct 30)
Patrick Mullen
Re: Snort Segfault Patrick Mullen (Oct 07)
Re: lots of alerts on so rule "possible DGA detected" Patrick Mullen (Nov 25)
Re: Comparison of extracted value between packets Patrick Mullen (Dec 16)
Paulo Henrique Castro
Using Snort on Amazon AWS VPC Paulo Henrique Castro (Oct 03)
Peggs Randahl
ipvar EXTERNAL_NET Peggs Randahl (Nov 18)
Peter Fraser
Re: Snort REACT Response Peter Fraser (Dec 02)
Re: Snort REACT Response Peter Fraser (Dec 02)
Problems configuring react: msg; Peter Fraser (Nov 25)
Snort REACT Response Peter Fraser (Dec 01)
Re: Snort REACT Response Peter Fraser (Dec 02)
Peter Fyon
Re: Snort Segfault Peter Fyon (Oct 06)
Re: DAQ 2.0.2, NFQ - DAQ error when trying to start snort Peter Fyon (Oct 04)
Snort Segfault Peter Fyon (Oct 06)
Snort precompiled rule causes segfault Peter Fyon (Oct 06)
Phuong Cao
Developing a TCP/IP connections statistics plugin Phuong Cao (Oct 27)
Re: Developing a TCP/IP connections statistics plugin Phuong Cao (Oct 28)
Pradeep Mocherla
Snorby usage Pradeep Mocherla (Nov 05)
Praveen D
byte_test/byte_jump negative offsets Praveen D (Dec 18)
Re: byte_test/byte_jump negative offsets Praveen D (Dec 22)
Comparison of extracted value between packets Praveen D (Dec 03)
Re: Comparison of extracted value between packets Praveen D (Dec 16)
Re: Comparison of extracted value between packets Praveen D (Dec 18)
Priya Agarwal
Re: (no subject) Priya Agarwal (Oct 31)
(no subject) Priya Agarwal (Oct 31)
Re: (no subject) Priya Agarwal (Oct 31)
Snort 2.9.7.0 snort.conf unable to load rules from local.conf Priya Agarwal (Nov 03)
René Bauer
Re: Error 500 today? René Bauer (Dec 15)
Re: Rules updates broken? René Bauer (Dec 11)
Research
Sourcefire VRT Certified Snort Rules Update 2014-12-16 Research (Dec 16)
Sourcefire VRT Certified Snort Rules Update 2014-12-23 Research (Dec 23)
Sourcefire VRT Certified Snort Rules Update 2014-11-18 Research (Nov 18)
Sourcefire VRT Certified Snort Rules Update 2014-12-09 Research (Dec 09)
Sourcefire VRT Certified Snort Rules Update 2014-10-07 Research (Oct 07)
Sourcefire VRT Certified Snort Rules Update 2014-10-28 Research (Oct 28)
Sourcefire VRT Certified Snort Rules Update 2014-11-13 Research (Nov 13)
Sourcefire VRT Certified Snort Rules Update 2014-12-02 Research (Dec 02)
Sourcefire VRT Certified Snort Rules Update 2014-10-15 Research (Oct 15)
Sourcefire VRT Certified Snort Rules Update 2014-11-04 Research (Nov 04)
Sourcefire VRT Certified Snort Rules Update 2014-12-18 Research (Dec 18)
Sourcefire VRT Certified Snort Rules Update 2014-10-16 Research (Oct 16)
Sourcefire VRT Certified Snort Rules Update 2014-11-20 Research (Nov 20)
Sourcefire VRT Certified Snort Rules Update 2014-11-06 Research (Nov 06)
Sourcefire VRT Certified Snort Rules Update 2014-10-02 Research (Oct 02)
Sourcefire VRT Certified Snort Rules Update 2014-12-23 Research (Dec 23)
Sourcefire VRT Certified Snort Rules Update 2014-10-23 Research (Oct 23)
Sourcefire VRT Certified Snort Rules Update 2014-10-09 Research (Oct 09)
Sourcefire VRT Certified Snort Rules Update 2014-11-24 Research (Nov 24)
Sourcefire VRT Certified Snort Rules Update 2014-10-23 Research (Oct 23)
Sourcefire VRT Certified Snort Rules Update 2014-11-11 Research (Nov 11)
Sourcefire VRT Certified Snort Rules Update 2014-10-21 Research (Oct 21)
Sourcefire VRT Certified Snort Rules Update 2014-10-08 Research (Oct 08)
Sourcefire VRT Certified Snort Rules Update 2014-12-04 Research (Dec 04)
Sourcefire VRT Certified Snort Rules Update 2014-10-14 Research (Oct 14)
Sourcefire VRT Certified Snort Rules Update 2014-12-11 Research (Dec 11)
Sourcefire VRT Certified Snort Rules Update 2014-10-30 Research (Oct 30)
Rhoades.Jon
Re: Barnyard configuration problem Rhoades.Jon (Nov 22)
Richard Geddes
Odd http requests in the logs Richard Geddes (Nov 02)
rmkml
Re: [Emerging-Sigs] Wirelurker A and B rmkml (Nov 06)
Re: Snort Rule rmkml (Oct 27)
Re: Assist with FrameworkPOS sig rmkml (Oct 15)
Re: Snort 2.9.7 is now available rmkml (Oct 23)
Re: Assist with FrameworkPOS sig rmkml (Oct 15)
Robert Cotter
Re: SNORT and Emulex DAG Robert Cotter (Nov 13)
Re: Multiple Instances of SNORT Robert Cotter (Oct 02)
Robert Millott
troubleshooting dead snort Robert Millott (Dec 16)
Re: About syslog messages in snort Robert Millott (Nov 21)
Re: Trying to develop a systemd snort script, running into errors removing/creating pid files Robert Millott (Oct 27)
Re: About syslog messages in snort Robert Millott (Nov 21)
Re: Startup Script (init.d) Robert Millott (Oct 31)
Robert Pritchard
False positives for symcb.com Robert Pritchard (Oct 15)
Rob MacGregor
Re: Pulledpork doesn't creates sid-msg.map properly Rob MacGregor (Oct 13)
Rodgers, Anthony (DTMB)
Re: Proposed update to 1:28039 Rodgers, Anthony (DTMB) (Dec 22)
Proposed update to 1:28039 Rodgers, Anthony (DTMB) (Dec 19)
Re: Proposed update to 1:28039 Rodgers, Anthony (DTMB) (Dec 22)
Ron Haines
Shellshock Signatures Ron Haines (Oct 27)
Re: Shellshock Signatures Ron Haines (Oct 29)
RŌNIN
SNORT + PulledPork: FATAL ERROR: ... Invalid configuration line RŌNIN (Dec 19)
Re: SNORT + PulledPork: FATAL ERROR: ... Invalid configuration line RŌNIN (Dec 20)
Re: SNORT + PulledPork: FATAL ERROR: ... Invalid configuration line RŌNIN (Dec 21)
Ronny Vaningh
lots of alerts on so rule "possible DGA detected" Ronny Vaningh (Nov 25)
Russ Combs (rucombs)
Re: Missing Sanity Check for calloc() in Snort-3.0.0-a1 (round 2) Russ Combs (rucombs) (Dec 12)
Re: Snort 3.0 Alpha 1 b130 Now Available Russ Combs (rucombs) (Dec 11)
Re: Crash while cmake build snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
Re: Crash while cmake build snort-3.0.0-a1 Russ Combs (rucombs) (Dec 15)
Re: Fwd: Issue Regarding Rate_filter Russ Combs (rucombs) (Nov 12)
Re: Fwd: Issue Regarding Rate_filter Russ Combs (rucombs) (Nov 12)
Re: Addition to snort_manual.pdf Russ Combs (rucombs) (Dec 12)
Re: question about paf Russ Combs (rucombs) (Dec 18)
Re: Snort++ Extras Russ Combs (rucombs) (Dec 16)
Re: Missing Sanity Check for calloc() in Snort-3.0.0-a1 (round 2) Russ Combs (rucombs) (Dec 15)
Re: question about paf Russ Combs (rucombs) (Dec 18)
Re: Protected content Russ Combs (rucombs) (Dec 16)
Re: Protected content Russ Combs (rucombs) (Dec 15)
Re: First packet X-Forwarded-For information and sending to a Unix Socket (Snort 2.9.2.1) Russ Combs (rucombs) (Dec 18)
Re: Missing Sanity Check for fseek() in Snort-3.0.0-a1 Russ Combs (rucombs) (Dec 12)
Re: Crash while running snort-3.0.0-a1 with netmap Russ Combs (rucombs) (Dec 13)
Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 15)
Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
Re: ERROR: unknown logger alert_ex Russ Combs (rucombs) (Dec 16)
Re: DAQ 2.0.2, NFQ - DAQ error when trying to start snort Russ Combs (rucombs) (Oct 04)
Sabu Thaliyath
Re: [Snort-openappid] Gmail detection Sabu Thaliyath (Oct 31)
Re: Frequency of Compromised Hosts rule updates Sabu Thaliyath (Oct 30)
Re: [Snort-openappid] Gmail detection Sabu Thaliyath (Oct 31)
Frequency of Compromised Hosts rule updates Sabu Thaliyath (Oct 30)
Sam
Questions on Sig 31985 Sam (Oct 11)
Samad Najjar
Help_ Samad Najjar (Nov 06)
Sameera Osman
(no subject) Sameera Osman (Dec 28)
(no subject) Sameera Osman (Dec 29)
Savakh S
Snort's capabilities Savakh S (Dec 10)
Sean Cavanaugh
Re: Issue with pcre Sean Cavanaugh (Oct 06)
Issue with pcre Sean Cavanaugh (Oct 06)
Sec Aficionado
Re: Snort with AFPacket Sec Aficionado (Nov 03)
Snort with AFPacket Sec Aficionado (Nov 03)
Process to submit bugs? Sec Aficionado (Nov 03)
Re: Process to submit bugs? Sec Aficionado (Nov 03)
Sec_Aficionado
Error when dumping so_rules with custom path using snort 2.9.7.0 Sec_Aficionado (Oct 31)
Re: Snort with AFPacket Sec_Aficionado (Nov 04)
Re: Barnyard2 and Snortsam for 2.9.7.0 Sec_Aficionado (Dec 15)
Re: trouble with online mode Sec_Aficionado (Dec 15)
Re: Some Snort beginner questions Sec_Aficionado (Nov 05)
Example conf file missing for 2.9.7.0 in website Sec_Aficionado (Nov 03)
Barnyard2 and Snortsam for 2.9.7.0 Sec_Aficionado (Dec 12)
Re: trouble with online mode Sec_Aficionado (Dec 13)
Re: Example conf file missing for 2.9.7.0 in website Sec_Aficionado (Nov 05)
Re: Error when dumping so_rules with custom path using snort 2.9.7.0 Sec_Aficionado (Nov 03)
Re: Snort with AFPacket Sec_Aficionado (Nov 03)
Shane Boissevain
First packet X-Forwarded-For information and sending to a Unix Socket (Snort 2.9.2.1) Shane Boissevain (Dec 18)
Sharif Uddin
Re: Snort, barnyard2, snorby issue Sharif Uddin (Oct 03)
Shirkdog
Re: Pulledpork doesn't creates sid-msg.map properly Shirkdog (Oct 13)
Re: PulledPork recent issue Shirkdog (Oct 09)
Re: [Snort-users] Trying to develop a systemd snort script, running into errors removing/creating pid files Shirkdog (Oct 23)
Re: Barnyard2 and Snortsam for 2.9.7.0 Shirkdog (Dec 12)
Re: PulledPork recent issue Shirkdog (Oct 09)
Re: SPADE preprocessor Shirkdog (Oct 07)
Re: Unknown rule option sip_header Shirkdog (Oct 01)
Re: Example conf file missing for 2.9.7.0 in website Shirkdog (Nov 03)
Re: snort syslog and barnyard2 Shirkdog (Oct 01)
Re: Pulledpork doesn't creates sid-msg.map properly Shirkdog (Oct 13)
Re: Unable to update Snort signatures Shirkdog (Oct 17)
sky rongo
Drop action behaves as if it's Reject action sky rongo (Nov 16)
Snort Releases
Snort 2.9.7 RC is now available Snort Releases (Oct 09)
Snort 2.9.7 is now available Snort Releases (Oct 23)
Snort 2.9.7 RC is now available Snort Releases (Oct 09)
Snort 2.9.7 is now available Snort Releases (Oct 23)
Snort 3.0 Alpha 1 b130 Now Available Snort Releases (Dec 11)
Snort 3.0 Alpha 1 b130 Now Available Snort Releases (Dec 11)
souber
Re: Snort 2.9.7.0 enters into infinity loop getApplicationData souber (Nov 24)
Snort 2.9.7.0 - probably memleak in HttpInspect souber (Dec 09)
Snort 2.9.7.0 enters into infinity loop getApplicationData souber (Nov 24)
Stark, Vernon L.
Re: Multiple Instances of SNORT Stark, Vernon L. (Oct 02)
Stephen Gantz
Re: Problem in configuring snort for inserting events in sql database Stephen Gantz (Nov 17)
Re: Get Invalid Configuration in blacklist.rules when restart Snort Stephen Gantz (Oct 06)
Re: barnyard2: Unable to open directory '/var/log/snort' and Unable to find the next spool file! Stephen Gantz (Nov 11)
Steve Gantz
Re: Snort Error Steve Gantz (Dec 19)
Steve Sturges (ststurge)
Re: fast_pattern not always longest content string by default? Steve Sturges (ststurge) (Oct 22)
Stuart Wyatt
Re: Snort.org confirmation email Stuart Wyatt (Oct 07)
Snort.org confirmation email Stuart Wyatt (Oct 07)
Terry John
Re: Snort missing C99 patch Terry John (Nov 21)
Snort missing C99 patch Terry John (Nov 21)
Re: Snort missing C99 patch Terry John (Nov 25)
Re: Snort missing C99 patch Terry John (Nov 21)
test engineer
Re: Startup Script (init.d) test engineer (Nov 05)
How many rules read / active? test engineer (Nov 05)
Re: Startup Script (init.d) test engineer (Nov 14)
SNORT and Emulex DAG test engineer (Nov 13)
Startup Script (init.d) test engineer (Oct 31)
Re: How many rules read / active? test engineer (Nov 07)
Re: Multiple Instances of SNORT test engineer (Oct 03)
Re: SNORT and Emulex DAG test engineer (Nov 14)
Re: Startup Script (init.d) test engineer (Nov 13)
Multiple Instances of SNORT test engineer (Oct 02)
Re: SNORT and Emulex DAG test engineer (Nov 14)
Re: Multiple Instances of SNORT test engineer (Oct 03)
Tho Le Phuoc
Re: Snort + DARPA Tho Le Phuoc (Oct 06)
Snort + DARPA Tho Le Phuoc (Oct 06)
Re: SPADE preprocessor Tho Le Phuoc (Oct 07)
SPADE preprocessor Tho Le Phuoc (Oct 07)
Snort.AD http://anomalydetection.info/ Tho Le Phuoc (Oct 07)
Tony Robinson
APT28 Snort Signatures Tony Robinson (Oct 28)
Re: Example conf file missing for 2.9.7.0 in website Tony Robinson (Nov 03)
Re: Example conf file missing for 2.9.7.0 in website Tony Robinson (Nov 04)
Trying to develop a systemd snort script, running into errors removing/creating pid files Tony Robinson (Oct 23)
Re: [Snort-users] Trying to develop a systemd snort script, running into errors removing/creating pid files Tony Robinson (Oct 23)
Turnbough, Bradley E.
BPF Filters Turnbough, Bradley E. (Nov 14)
Re: Snort 3.0 Alpha 1 b130 Now Available Turnbough, Bradley E. (Dec 11)
Cnort 2.9.7.0 RPM builds for Centos 6 Turnbough, Bradley E. (Nov 06)
Re: BPF Filters Turnbough, Bradley E. (Nov 14)
simple email rule Turnbough, Bradley E. (Dec 08)
Venkataramesh Bontupalli
Re: Regular Expression Matching in Snort Rules Venkataramesh Bontupalli (Oct 16)
Regular Expression Matching in Snort Rules Venkataramesh Bontupalli (Oct 16)
Re: Regular Expression Matching in Snort Rules Venkataramesh Bontupalli (Oct 17)
vinay kadagave
FATAL error on the snort as" Snort[]: FATAL ERROR: Event6 type not yet supported!" vinay kadagave (Oct 03)
waldo kitty
Re: Snort + DARPA waldo kitty (Oct 06)
Re: Error when dumping so_rules with custom path using snort 2.9.7.0 waldo kitty (Nov 03)
Re: sig-id 1:26848:3 waldo kitty (Oct 31)
Re: Port problems in a rule waldo kitty (Oct 17)
Re: SPADE preprocessor waldo kitty (Oct 08)
Re: Sourcefire VRT Certified Snort Rules Update 2014-11-04 waldo kitty (Nov 04)
Re: SNORT + PulledPork: FATAL ERROR: ... Invalid configuration line waldo kitty (Dec 20)
Re: A size of log file is zero although there is an attack waldo kitty (Oct 04)
Re: File size waldo kitty (Oct 31)
Re: Snort sigs for BlackEnergy v3 / lite waldo kitty (Oct 10)
Re: Inline snort negative impact on network waldo kitty (Nov 13)
Re: Change sid number with pulledpork waldo kitty (Oct 21)
Re: Issue with pcre waldo kitty (Oct 06)
Re: Slow snort startup, plus flowbit issues waldo kitty (Oct 06)
Re: SNORT + PulledPork: FATAL ERROR: ... Invalid configuration line waldo kitty (Dec 20)
Re: The DAQ version does not support reload waldo kitty (Oct 03)
Re: Unknown rule option sip_header waldo kitty (Oct 01)
Re: Daq module for wndows waldo kitty (Dec 09)
Re: SNORT version lifecycle waldo kitty (Oct 20)
Re: ERROR: 'debug-pkts' is an invalid option to the 'config ppm:' configuration waldo kitty (Oct 01)
Re: lots of alerts on so rule "possible DGA detected" waldo kitty (Nov 25)
Re: SPADE preprocessor waldo kitty (Oct 07)
Re: Port problems in a rule waldo kitty (Oct 20)
Re: Rules updates broken? waldo kitty (Dec 10)
Re: Unknown rule option sip_header waldo kitty (Oct 01)
Re: Snort with AFPacket waldo kitty (Nov 03)
Re: Problem with Content rule option waldo kitty (Dec 18)
Re: [Snort-devel] Trying to develop a systemd snort script, running into errors removing/creating pid files waldo kitty (Oct 23)
Re: Snort with AFPacket waldo kitty (Nov 03)
Re: Error when dumping so_rules with custom path using snort 2.9.7.0 waldo kitty (Nov 01)
Re: where to find the README.* document files? waldo kitty (Oct 25)
Re: SNORT version lifecycle waldo kitty (Oct 20)
Re: Odd http requests in the logs waldo kitty (Nov 03)
Re: Frequency of Compromised Hosts rule updates waldo kitty (Oct 30)
Re: How many rules read / active? waldo kitty (Nov 05)
Re: Snort App Logs (not alerts) waldo kitty (Oct 16)
Re: Some Snort beginner questions waldo kitty (Nov 01)
Re: Unable to update signatures for 2.9.6.1 waldo kitty (Nov 17)
where to find the README.* document files? waldo kitty (Oct 25)
Re: Snort with AFPacket waldo kitty (Nov 04)
Re: Pulledpork doesn't creates sid-msg.map properly waldo kitty (Oct 13)
Re: S5: Pruned session from cache that was using X bytes (stale/timeout). waldo kitty (Oct 13)
Re: Modifying Rules Works One Direction, but Not T'Other waldo kitty (Nov 27)
Re: where to find the README.* document files? waldo kitty (Oct 25)
Re: Issue with pcre waldo kitty (Oct 06)
waleed bulajoul
Need your help waleed bulajoul (Oct 01)
Recall massage Need your help waleed bulajoul (Oct 01)
Snort Dropped Packets waleed bulajoul (Oct 01)
Will Metcalf
Re: [Emerging-Sigs] Malicious swf sig Will Metcalf (Dec 10)
XSign
Demand of snort output XSign (Nov 12)
xyz xyz
config problem xyz xyz (Dec 20)
Y M
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Y M (Oct 15)
Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
Re: Minor notes snort-3.0.0-a1 Y M (Dec 15)
Crash while cmake build snort-3.0.0-a1 Y M (Dec 13)
Minor notes snort-3.0.0-a1 Y M (Dec 13)
Re: BPF Filters Y M (Nov 14)
Re: Manually download and install Snort Rules updates Y M (Oct 20)
Re: SID 32174 BLACKLIST DNS request for known malware domain sr.symcd.com - Osx.Backdoor.iWorm Y M (Oct 16)
ERROR: unknown logger alert_ex Y M (Dec 16)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules Y M (Nov 11)
Re: Inline snort negative impact on network Y M (Nov 12)
Crash while running snort-3.0.0-a1 with netmap Y M (Dec 13)
Re: Crash while running snort-3.0.0-a1 with netmap Y M (Dec 13)
Re: Snort + DARPA Y M (Oct 06)
Re: Snort++ Extras Y M (Dec 16)
Re: Snort++ Extras Y M (Dec 16)
Re: Problem with content option Y M (Dec 28)
Re: Inline snort negative impact on network Y M (Nov 13)
Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
Re: Inline snort negative impact on network Y M (Nov 13)
Re: Multiple Instances of SNORT Y M (Oct 02)
Re: (no subject) Y M (Dec 29)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules Y M (Nov 11)
Re: Unknown rule option sip_header Y M (Oct 01)
Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules Y M (Nov 11)
Re: Crash while cmake build snort-3.0.0-a1 Y M (Dec 13)
Events output timestamps mismatch? Y M (Oct 13)
Re: Crash while running snort-3.0.0-a1 with netmap Y M (Dec 15)
Re: Snort Dropped Packets Y M (Oct 01)
Re: ERROR: unknown logger alert_ex Y M (Dec 16)
Re: SNORT version lifecycle Y M (Oct 20)
Re: Unknown rule option sip_header Y M (Oct 01)
Re: Inline snort negative impact on network Y M (Nov 14)
Re: Snort App Logs (not alerts) Y M (Oct 16)
Re: Snort++ Extras Y M (Dec 16)
Re: Upgrade to 2.9.7.0 results in Pulledpork not generating stub rules Y M (Nov 11)
Re: Unknown rule option sip_header Y M (Oct 01)
Re: How can I remove redundant entries from the database? Y M (Nov 11)
Re: Slow snort startup, plus flowbit issues Y M (Oct 06)
Re: snort inline install Y M (Dec 29)
Re: snort inline install Y M (Dec 29)
Re: Manually download and install Snort Rules updates Y M (Oct 20)
Zeeuw, L.V. de
dpx.c:260:27: no member named 'getRuntimePolicy' Zeeuw, L.V. de (Oct 30)
How to log dpx alerts/events using unified2, barnyard, mysql? Zeeuw, L.V. de (Nov 08)
dpx-1.6 / snort 2.9.7.0 problem? Zeeuw, L.V. de (Nov 04)
zT
problem zT (Dec 08)
بلغور چغندر
How do I log integrate Snort with Snort alienvault بلغور چغندر (Nov 10)