Snort mailing list archives
Re: sdf combination alert
From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Tue, 10 Nov 2015 16:57:55 +0000
You get those alerts when snort sees what it believes is a combination of email addresses or social security numbers. http://manual.snort.org/node17.html#SECTION003217000000000000000 Albert Lewis QA Software Engineer SOURCEfire, Inc. now part of Cisco 9780 Patuxent Woods Drive Columbia, MD 21046 Phone: (office) 443.430.7112 Email: allewi () cisco com From: Adam Ring [mailto:adam.ring () AocSolutions com] Sent: Tuesday, November 10, 2015 11:47 AM To: Snort-sigs () lists sourceforge net Subject: [Snort-sigs] sdf combination alert Hi I have just installed snort and I am trying to figure out why I get the "sdf combination alert" and "sensitive-data email addresses" alert coming in several times almost every minute. I know that most of these if not all are false positives and was wondering which rule I would need to change to fix the alerts. Adam Ring IT Help Desk Techniction Office 703.677.9540 AOC Solutions<http://www.aocsolutions.com/> | Solutions That Pay(r) Blog<http://www.aocsolutions.com/blog> | Video<http://www.aocsolutions.com/ap-payment-automation-video> | LinkedIn<https://www.linkedin.com/company/139025?trk=tyah&trkInfo=clickedVertical%3Acompany%2Cidx%3A1-1-1%2CtarId%3A1436380782168%2Ctas%3Aaoc%20solutions> [cid:image001.png@01D11BAF.0635F040]<http://www.aocsolutions.com/about-aoc/aoc-in-the-news/aoc-named-top-workplace-by-washington-post> This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and attachments (if applicable) and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and strictly prohibited. You may be subject to confidentiality restrictions in an existing contract with AOC Solutions, Inc. As a result, you must protect the contents of this communication according to such terms and conditions.
------------------------------------------------------------------------------
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- sdf combination alert Adam Ring (Nov 10)
- Re: sdf combination alert Al Lewis (allewi) (Nov 10)