Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: sdf combination alert

From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Tue, 10 Nov 2015 16:57:55 +0000
You get those alerts when snort sees what it believes is a combination of email addresses or social security numbers.

http://manual.snort.org/node17.html#SECTION003217000000000000000



Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi () cisco com

From: Adam Ring [mailto:adam.ring () AocSolutions com]
Sent: Tuesday, November 10, 2015 11:47 AM
To: Snort-sigs () lists sourceforge net
Subject: [Snort-sigs] sdf combination alert

Hi I have just installed snort and I am trying to figure out why I get the "sdf combination alert" and "sensitive-data 
email addresses" alert coming in several times almost every minute.  I know that  most of these if not all are false 
positives and was wondering which rule I would need to change to fix the alerts.

Adam Ring
IT Help Desk Techniction
Office 703.677.9540

AOC Solutions<http://www.aocsolutions.com/> | Solutions That Pay(r)

Blog<http://www.aocsolutions.com/blog> | Video<http://www.aocsolutions.com/ap-payment-automation-video> | 
LinkedIn<https://www.linkedin.com/company/139025?trk=tyah&trkInfo=clickedVertical%3Acompany%2Cidx%3A1-1-1%2CtarId%3A1436380782168%2Ctas%3Aaoc%20solutions>

[cid:image001.png@01D11BAF.0635F040]<http://www.aocsolutions.com/about-aoc/aoc-in-the-news/aoc-named-top-workplace-by-washington-post>







This e-mail and any attachments may contain confidential and privileged

information. If you are not the intended recipient, please notify the sender

immediately by return e-mail, delete this e-mail and attachments (if applicable)

and destroy any copies. Any dissemination or use of this information by a person

other than the intended recipient is unauthorized and strictly prohibited. You

may be subject to confidentiality restrictions in an existing contract with AOC

Solutions, Inc. As a result, you must protect the contents of this communication

according to such terms and conditions.


------------------------------------------------------------------------------

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: