Snort: by author
RSS Feed
About List
All Lists
Previous period
478 messages
starting Dec 15 16 and
ending Dec 02 16
Date index |
Thread index |
Author index
????
(no subject) ???? (Dec 15)
??????
Using snort-2.9.8.3.How to connect mariadb with a path like the following ? ?????? (Oct 22)
????????
ipvar range patch for snort 2.9.9.0 ???????? (Dec 28)
a bv
Razorback a bv (Oct 11)
Alberto ----
Re: include local.rules in snort.rules Alberto ---- (Nov 15)
Alex
About sf_dcerpc.dll Alex (Dec 19)
Alex Cermak
Re: Sig writing help Alex Cermak (Nov 20)
Sig writing help Alex Cermak (Nov 17)
Alex McDonnell
Re: Rules question Alex McDonnell (Dec 01)
Re: Snort-sigs Digest, Vol 127, Issue 22 Alex McDonnell (Dec 29)
Re: signature email list removal Alex McDonnell (Nov 16)
Al Lewis (allewi)
Re: tag:session problem Al Lewis (allewi) (Nov 25)
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Al Lewis (allewi) (Nov 30)
Re: Sig writing help Al Lewis (allewi) (Nov 17)
Re: Problem with Snort IDS Al Lewis (allewi) (Nov 12)
Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
Re: Any Good Books out there? Al Lewis (allewi) (Dec 01)
Re: Snort Configuration ERROR Al Lewis (allewi) (Nov 19)
Re: reading folder of PCAP files Al Lewis (allewi) (Dec 09)
Re: Sig writing help Al Lewis (allewi) (Nov 17)
Re: Any Good Books out there? Al Lewis (allewi) (Dec 01)
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Al Lewis (allewi) (Nov 30)
Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
Re: daq-2.2 with snort-2? Al Lewis (allewi) (Nov 13)
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Al Lewis (allewi) (Nov 30)
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Al Lewis (allewi) (Nov 30)
Amal Saeed
Re: Snort Configuration ERROR Amal Saeed (Nov 19)
Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 08)
Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
Snort Configuration ERROR Amal Saeed (Nov 19)
Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
ARUN LAL
snorby database size ARUN LAL (Nov 26)
snorby update ARUN LAL (Oct 28)
Re: [Snort-sigs] snorby update ARUN LAL (Oct 29)
Arun Saini
Re: BASE is not getting alert, Arun Saini (Nov 30)
Re: snort rules to track Potential Criticality windows event Arun Saini (Oct 11)
BASE is not getting alert, Arun Saini (Nov 28)
snort rules to track Potential Criticality windows event Arun Saini (Oct 14)
BASE is not getting alert, Arun Saini (Nov 28)
Atanas Hambardzhiev
Rules question Atanas Hambardzhiev (Dec 01)
Balasubramaniam Natarajan
Re: [Snort-sigs] snorby update Balasubramaniam Natarajan (Oct 29)
Bhargava Jandhyala (bjandhya)
Re: Snort drops large HTTP packets Bhargava Jandhyala (bjandhya) (Oct 27)
Brent Bice
Re: Central Server Brent Bice (Nov 17)
Bruce Ferrell
Re: Port Mirroring Bruce Ferrell (Dec 06)
Bryan
pfSense and Snort Bryan (Nov 06)
BURNS, JOHN A CTR USAF AFSPC 2 SOPS/MAO
signature email list removal BURNS, JOHN A CTR USAF AFSPC 2 SOPS/MAO (Nov 16)
Chang Liu
Re: Can Snort notify a user program when it finishes processing a packet? Chang Liu (Oct 25)
Can Snort notify a user program when it finishes processing a packet? Chang Liu (Oct 25)
Re: Can Snort notify a user program when it finishes processing a packet? Chang Liu (Oct 25)
Can Snort notify a user program when it finishes processing a packet? Chang Liu (Oct 24)
Chris Pyles
Re: Rules question Chris Pyles (Dec 01)
Chris Sweeney
Can I get removed from the mailing lists? Chris Sweeney (Nov 15)
Cloherty, Sean E
Re: Snort 2.9.9 Beta Now Available Cloherty, Sean E (Nov 14)
Re: Snort 2.9.9 Beta Now Available Cloherty, Sean E (Nov 15)
Daniel Garczek
Incomplete Header with HTTP Inspect Original Client IP enabled Daniel Garczek (Oct 13)
Dave Corsello
Snort IPS with one NIC Dave Corsello (Oct 12)
Re: Snort IPS with one NIC revisited Dave Corsello (Oct 29)
Re: Snort IPS with one NIC Dave Corsello (Oct 17)
Dave Killion
Re: Snort vs Proofpoint Emerging Threats Dave Killion (Oct 07)
Dave Osbourne
Re: Snort IDS Dave Osbourne (Oct 25)
Re: Snort IDS Dave Osbourne (Oct 25)
dileep kumar
header intact dileep kumar (Dec 08)
donne schlessinger
help donne schlessinger (Dec 23)
eagleliujin
回复: Need help with telnet eagleliujin (Dec 25)
el cabezon
Injected Eitest Script el cabezon (Oct 02)
Re: Injected Eitest Script el cabezon (Oct 04)
Re: Injected Eitest Script el cabezon (Oct 03)
Eric J. Taylor
Central Server Eric J. Taylor (Nov 16)
fatema bannatwala
Local rules with same sids and snort works! fatema bannatwala (Nov 09)
Re: Something is wrong with snort logging? fatema bannatwala (Nov 08)
Something is wrong with snort logging? fatema bannatwala (Nov 07)
Not able to compile pfring-daq-module in PF_RING 6.4.1 fatema bannatwala (Nov 30)
Re: Not able to compile pfring-daq-module in PF_RING 6.4.1 fatema bannatwala (Nov 30)
Re: Local rules with same sids and snort works! fatema bannatwala (Nov 09)
Re: Something is wrong with snort logging? fatema bannatwala (Nov 08)
Re: Local rules with same sids and snort works! fatema bannatwala (Nov 09)
Re: Local rules with same sids and snort works! fatema bannatwala (Nov 09)
Re: Not able to compile pfring-daq-module in PF_RING 6.4.1 fatema bannatwala (Nov 30)
FOULDE Damien
Re: 1337 Bot and TCP options detection FOULDE Damien (Dec 28)
Re: LDAPv3 with simple authentication FOULDE Damien (Dec 29)
LDAPv3 with simple authentication FOULDE Damien (Dec 20)
Re: Snort-sigs Digest, Vol 127, Issue 22 FOULDE Damien (Dec 29)
Re: 1337 Bot and TCP options detection FOULDE Damien (Dec 28)
Franco Esmores
franco.esmores () donweb com Franco Esmores (Dec 23)
Snort Version 2.9.9.0 GRE (Build 56) not writing in Unified2 format Franco Esmores (Dec 23)
Frederic Lubrano
(no subject) Frederic Lubrano (Oct 20)
Re: (no subject) Frederic Lubrano (Oct 20)
Re: (no subject) Frederic Lubrano (Oct 20)
Geoffrey Serrao
Re: Injected Eitest Script Geoffrey Serrao (Oct 03)
Re: Windows decompression of SWF and PDF errors Geoffrey Serrao (Oct 21)
Glenn Geller
Re: IPv6 ASCII Logging Error in Windows Glenn Geller (Oct 18)
Re: IPv6 ASCII Logging Error in Windows Glenn Geller (Oct 18)
GPN SACC
CVE-2016-3237 Rule GPN SACC (Dec 21)
Gurram Vinay
ERROR size 1240 != 864 Gurram Vinay (Dec 02)
snort rules for DNS ddos attack(dns amplification attack) Gurram Vinay (Dec 07)
Hafez Kamal
[HITB-Announce] HITB2017AMS CFP Hafez Kamal (Oct 31)
[HITB-Announce] HITB2017AMS CFP - FINAL CALL Hafez Kamal (Dec 16)
hey
Re: TCP Urgent data causes HTTPInspect to fail and prevents PAF to flush hey (Dec 16)
TCP Urgent data causes HTTPInspect to fail and prevents PAF to flush hey (Dec 12)
Ikenna Chiadikaobi
solving some warning Ikenna Chiadikaobi (Dec 09)
reading folder of PCAP files Ikenna Chiadikaobi (Dec 09)
Jader Friderichs Vieira
Doubt about rule at Snort Jader Friderichs Vieira (Oct 07)
James Lay
Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
Re: Snort inline problem James Lay (Oct 19)
Re: Seg fault with latest pf_ring git James Lay (Nov 01)
Re: snort and snort-rules/ET alerts James Lay (Dec 02)
Noction IRP Probe sig James Lay (Dec 14)
Re: (no subject) James Lay (Oct 20)
Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 30)
Re: snort inline problem James Lay (Oct 20)
Nginx default landing page sig James Lay (Dec 16)
Re: Seg fault with latest pf_ring git James Lay (Nov 01)
Visbot sig James Lay (Dec 02)
Re: Questions on Snort++ James Lay (Oct 21)
Questions on Snort++ James Lay (Oct 19)
Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
Re: Seg fault with latest pf_ring git James Lay (Nov 01)
Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
Re: Long over due James Lay (Oct 18)
Re: (no subject) James Lay (Oct 20)
Re: Seg fault with latest pf_ring git James Lay (Nov 02)
Re: Seg fault with latest pf_ring git James Lay (Nov 01)
Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
Re: Snort IPS with one NIC James Lay (Oct 20)
Re: Snort inline problem James Lay (Oct 29)
Netgear Arbitrary Command Execution sig James Lay (Dec 12)
Seg fault with latest pf_ring git James Lay (Nov 01)
Re: (no subject) James Lay (Oct 20)
Long over due James Lay (Oct 18)
Rule 3:30881 James Lay (Oct 20)
Re: [Emerging-Sigs] Netgear Arbitrary Command Execution sig James Lay (Dec 12)
Snort IPS with one NIC revisited James Lay (Oct 28)
Re: Seg fault with latest pf_ring git James Lay (Nov 01)
Re: Rule 3:30881 James Lay (Oct 21)
Re: Seg fault with latest pf_ring git James Lay (Nov 01)
Jan Hermes
Custom dynamic preprocessor - How to evaluate custom rules against data from custom dissection? Jan Hermes (Nov 04)
Jared F
Understanding how to debug snort.config Jared F (Dec 06)
Jeff Feng
PEN test tool for Snort Jeff Feng (Oct 20)
Snort rule policy Jeff Feng (Oct 19)
Jeremy Hoel
Re: Rule 3:30881 Jeremy Hoel (Oct 20)
J Green
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 28)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
Jim Campbell
Re: Can Snort notify a user program when it finishes processing a packet? Jim Campbell (Oct 25)
Re: Snort IDS Jim Campbell (Oct 25)
Re: Snort IDS Jim Campbell (Oct 25)
Jingning Ji
daq 2.0.6 version info inconsistency Jingning Ji (Nov 04)
João Soares
Re: Snort++ crashes abruptly João Soares (Dec 14)
Snort++ crashes abruptly João Soares (Dec 14)
Snort++ - PCAPs are missing some packets João Soares (Dec 22)
Re: Snort++ crashes abruptly João Soares (Dec 14)
Joel Esler (jesler)
Re: Rules question Joel Esler (jesler) (Dec 04)
Re: [Snort-users] snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 03)
Re: request: enable nfq while building daq RPMS Joel Esler (jesler) (Oct 05)
Snort Blog: Reporting False Positives with Snort.org Joel Esler (jesler) (Nov 22)
Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 18)
Re: Snort vs Proofpoint Emerging Threats Joel Esler (jesler) (Oct 05)
Re: Snort cann't check LOIC Joel Esler (jesler) (Nov 22)
Re: subscribe Joel Esler (jesler) (Dec 07)
Re: Any Good Books out there? Joel Esler (jesler) (Dec 01)
Re: error Joel Esler (jesler) (Oct 14)
Re: snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 02)
Re: Trying to use snort with TALOS-2016-0219 Joel Esler (jesler) (Nov 29)
Re: snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 02)
Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 17)
Re: LDAPv3 with simple authentication Joel Esler (jesler) (Dec 29)
Re: Local rules with same sids and snort works! Joel Esler (jesler) (Nov 09)
Re: Snort-2.9.9 ETA? Joel Esler (jesler) (Nov 18)
Re: CobaltStrike certificate Joel Esler (jesler) (Dec 12)
Re: u2ratmslayer () yahoo com mx Joel Esler (jesler) (Dec 01)
Re: [Snort-users] 回复: Need help with telnet Joel Esler (jesler) (Dec 25)
Re: snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 02)
Re: Local rules with same sids and snort works! Joel Esler (jesler) (Nov 09)
Re: reading folder of PCAP files Joel Esler (jesler) (Dec 12)
Mailing list etiquette was:[Snort-sigs] snorby database size Joel Esler (jesler) (Nov 28)
Re: Trying to use snort with TALOS-2016-0219 Joel Esler (jesler) (Nov 28)
Re: How dose suricata load snort dynamic rules (so_rules)? Joel Esler (jesler) (Nov 21)
Re: CVE-2016-3237 Rule Joel Esler (jesler) (Dec 21)
Re: [Snort-users] snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 03)
Re: snort snapshot rules Joel Esler (jesler) (Dec 12)
Re: Sig_reference table issue Joel Esler (jesler) (Nov 21)
Re: solving some warning Joel Esler (jesler) (Dec 12)
Re: Snort 2.9.9 Beta Now Available Joel Esler (jesler) (Nov 14)
Re: [Snort-users] snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 03)
Re: Any Good Books out there? Joel Esler (jesler) (Dec 01)
Re: Local rules with same sids and snort works! Joel Esler (jesler) (Nov 09)
Re: Can Snort notify a user program when it finishes processing a packet? Joel Esler (jesler) (Oct 25)
Re: Problem with latest snort.conf file Joel Esler (jesler) (Oct 20)
Re: defragmentation issue Joel Esler (jesler) (Dec 21)
Re: Snort-users Digest, Vol 127, Issue 7 Joel Esler (jesler) (Dec 02)
Re: ERROR size 1240 != 864 Joel Esler (jesler) (Dec 02)
Re: ERROR size 1240 != 864 Joel Esler (jesler) (Dec 02)
Re: [Snort-users] snort and snort-rules/ET alerts Joel Esler (jesler) (Dec 04)
Re: Any Good Books out there? Joel Esler (jesler) (Dec 01)
Joman Chu
Re: Missing members in struct _daq_modflow when compiling snort3 Joman Chu (Oct 16)
Missing members in struct _daq_modflow when compiling snort3 Joman Chu (Oct 15)
Jonas Sell
alerting to unixsocket Jonas Sell (Oct 15)
Jose Laboy
remove me from list Jose Laboy (Dec 22)
joshua burgess
Re: 1337 Bot and TCP options detection joshua burgess (Dec 28)
1337 Bot and TCP options detection joshua burgess (Dec 28)
CobaltStrike certificate joshua burgess (Dec 12)
Joshua Kinard
Snort-2.9.9 ETA? Joshua Kinard (Nov 17)
Joshua Roback
Snort Alert [gid:sid:revision] instead of signature name Barnyard2 Joshua Roback (Oct 24)
Joshua Williams
Re: New sig for detecting NTPd DoS Joshua Williams (Dec 02)
Re: New sig for detecting TP-Link TDDP SET_CONFIG type buffer overflow Joshua Williams (Nov 22)
Re: New sig for detecting a Zip file contains directory traversal Joshua Williams (Nov 14)
Re: Visbot sig Joshua Williams (Dec 02)
Re: SQLi Injection Attempts Joshua Williams (Oct 24)
Re: Injected Eitest Script Joshua Williams (Oct 03)
Re: IDS Rules to detect The Blacknurse Attack - ICMP DOS Joshua Williams (Nov 14)
Re: New sig for detecting possible Hancitor maldoc bypass via PNG Joshua Williams (Nov 07)
Re: Netgear Arbitrary Command Execution sig Joshua Williams (Dec 12)
Re: Nginx default landing page sig Joshua Williams (Dec 19)
Re: Noction IRP Probe sig Joshua Williams (Dec 14)
Justin Pederson
Re: Port Mirroring Justin Pederson (Dec 07)
Re: Any Good Books out there? Justin Pederson (Dec 01)
Snort.Conf line 285 Justin Pederson (Dec 01)
Re: Any Good Books out there? Justin Pederson (Dec 01)
Port Mirroring Justin Pederson (Dec 06)
Any Good Books out there? Justin Pederson (Dec 01)
kamil kapturkiewicz
ERROR: Can't initialize DAQ pcap (-1) - unknown file format kamil kapturkiewicz (Oct 05)
Re: ERROR: Can't initialize DAQ pcap (-1) - unknown file format Kamil Kapturkiewicz (Oct 05)
Odp: ERROR: Can't initialize DAQ pcap (-1) - unknown file format kamil kapturkiewicz (Oct 05)
Keith Pachulski
snort and snort-rules/ET alerts Keith Pachulski (Dec 02)
Re: snort and snort-rules/ET alerts Keith Pachulski (Dec 02)
Re: snort and snort-rules/ET alerts Keith Pachulski (Dec 02)
Re: snort and snort-rules/ET alerts Keith Pachulski (Dec 02)
Kevin Ross
Possible Cerber False Negative Kevin Ross (Dec 07)
koppfabi
snort snapshot rules koppfabi (Dec 12)
snort2lua error koppfabi (Dec 14)
Krainer, Andreas
(no subject) Krainer, Andreas (Dec 29)
Kulamani Sethi
Fwd: error in sort configuration Kulamani Sethi (Nov 21)
Lenny Hansson
IDS Rules to detect The Blacknurse Attack - ICMP DOS Lenny Hansson (Nov 14)
lists
Proposed Rules for Acunetix Scanner lists (Dec 28)
Re: Rules question lists (Dec 01)
Re: Snort cann't check LOIC lists (Nov 22)
Re: Rules question lists (Dec 01)
Re: Proposed Rules for Acunetix Scanner lists (Dec 28)
Re: Snort cann't check LOIC lists (Nov 22)
Re: Rules question lists (Dec 01)
lujain obeidat
(no subject) lujain obeidat (Dec 20)
Luke Ager
Re: 回复: Need help with telnet Luke Ager (Dec 25)
Re: Any Good Books out there? Luke Ager (Dec 01)
Marcin Dulak
Re: Not able to compile pfring-daq-module in PF_RING 6.4.1 Marcin Dulak (Nov 30)
request: enable nfq while building daq RPMS Marcin Dulak (Oct 05)
how to make daq drop rpath? Marcin Dulak (Nov 12)
Re: ERROR: can't find nfq DAQ Marcin Dulak (Nov 30)
Re: snort and snort-rules/ET alerts Marcin Dulak (Dec 02)
daq-2.2 with snort-2? Marcin Dulak (Nov 12)
Re: Pulledpork 0.7.2 released Marcin Dulak (Nov 08)
Re: how to make daq drop rpath? Marcin Dulak (Nov 15)
Re: Snort OS Fingerprint Scan Detectino Marcin Dulak (Nov 05)
request: drop versioning of /usr/lib64/snort-2.9.8.3_dynamicpreprocessor /usr/lib64/snort-2.9.8.3_dynamicengine directories in snort RPMS Marcin Dulak (Oct 05)
Re: Any Good Books out there? Marcin Dulak (Dec 01)
Re: snort and snort-rules/ET alerts Marcin Dulak (Dec 02)
Re: Any Good Books out there? Marcin Dulak (Dec 01)
converting unified2 to pcap: 'ethertype Unknown' Marcin Dulak (Dec 15)
Re: daq-2.2 with snort-2? Marcin Dulak (Nov 13)
Re: daq-2.2 with snort-2? Marcin Dulak (Nov 12)
Re: Not able to compile pfring-daq-module in PF_RING 6.4.1 Marcin Dulak (Nov 30)
Marcio Demetrio Bacci
Problem with Snort IDS Marcio Demetrio Bacci (Nov 11)
Doubt about Snort as IPS Marcio Demetrio Bacci (Nov 19)
Markus Lude
Re: daq-2.2 with snort-2? Markus Lude (Nov 12)
Re: daq 2.0.6 version info inconsistency Markus Lude (Nov 04)
Markus Thiemann
Re: Problem with latest snort.conf file Markus Thiemann (Oct 20)
MassTech250
Post request to the snort user list MassTech250 (Nov 22)
Maxim
Snort cannot detect HTTP OPTIONS payload Maxim (Nov 02)
Snort drops large HTTP packets Maxim (Oct 27)
Re: How to detect http response body Maxim (Nov 02)
tag:session problem Maxim (Nov 24)
Snort performance: can a single snort instance with nearly 3000 rules handle 1G traffic per second? Maxim (Dec 21)
Re: Snort IPS with one NIC revisited Maxim (Nov 24)
How to detect http response body Maxim (Nov 02)
M C
Fwd: snort ips M C (Dec 12)
mehdi chourib
IPS snort generating (DUP) packets mehdi chourib (Dec 13)
Michael Altizer
Re: how to make daq drop rpath? Michael Altizer (Nov 13)
Re: daq-2.2 with snort-2? Michael Altizer (Nov 13)
Re: Seg fault with latest pf_ring git Michael Altizer (Nov 02)
Re: Seg fault with latest pf_ring git Michael Altizer (Nov 01)
Re: daq 2.0.6 version info inconsistency Michael Altizer (Nov 05)
Michael Clark
subscribe Michael Clark (Dec 07)
Michael Shirk
Re: [Snort-users] snort and snort-rules/ET alerts Michael Shirk (Dec 03)
Re: snort and snort-rules/ET alerts Michael Shirk (Dec 02)
Re: Pulledpork 0.7.2 released Michael Shirk (Nov 08)
Pulledpork 0.7.2 released Michael Shirk (Nov 08)
Michael Steele
Re: Fwd: error in sort configuration Michael Steele (Nov 22)
Re: Problem with latest snort.conf file Michael Steele (Oct 20)
Windows broken on snort.conf Michael Steele (Oct 26)
Re: Port Mirroring Michael Steele (Dec 06)
Re: Port Mirroring Michael Steele (Dec 06)
Problem with latest snort.conf file Michael Steele (Oct 19)
Re: Fwd: error in sort configuration Michael Steele (Nov 21)
Re: Snort Configuration ERROR Michael Steele (Nov 19)
Windows decompression of SWF and PDF errors Michael Steele (Oct 20)
Re: [Snort-users] snort and snort-rules/ET alerts Michael Steele (Dec 03)
Re: [Snort-users] snort and snort-rules/ET alerts Michael Steele (Dec 03)
Re: Windows broken on snort.conf Michael Steele (Oct 26)
Re: Understanding how to debug snort.config Michael Steele (Dec 06)
Re: [Snort-users] snort and snort-rules/ET alerts Michael Steele (Dec 03)
preprocessor http_inspect_server: - Faulting in Windows Michael Steele (Oct 21)
Mike Cox
Re: Packet Performance Monitor Mike Cox (Oct 03)
mostafa ammar
Re: Snort inline problem mostafa ammar (Oct 28)
snort inline problem mostafa ammar (Oct 20)
Snort inline problem mostafa ammar (Oct 19)
Re: snort inline problem mostafa ammar (Oct 20)
Re: Snort inline problem mostafa ammar (Oct 20)
Murali Krishna
Snort IDS Murali Krishna (Oct 24)
NDRIAMALAZA Jeanny Cynthia
Reply NDRIAMALAZA Jeanny Cynthia (Dec 08)
neil ramsarran
Re: Rules question neil ramsarran (Dec 01)
Re: Rules question neil ramsarran (Dec 01)
Re: Rules question neil ramsarran (Dec 01)
Re: Rules question neil ramsarran (Dec 04)
Nouar Ismail
sql query to database Nouar Ismail (Nov 26)
log to csv file on windows Nouar Ismail (Dec 17)
logging to a csv file Nouar Ismail (Nov 26)
defragmentation issue Nouar Ismail (Dec 21)
Snort isn't alerting on some IPs Nouar Ismail (Dec 17)
Omar Vazquez
u2ratmslayer () yahoo com mx Omar Vazquez (Nov 30)
Patrick Mullen
Re: Trying to use snort with TALOS-2016-0219 Patrick Mullen (Nov 28)
Re: Trying to use snort with TALOS-2016-0219 Patrick Mullen (Nov 29)
Praveen Kumar
Re: snorby database size Praveen Kumar (Nov 27)
Randy Chow
Re: IPv6 ASCII Logging Error in Windows Randy Chow (Oct 18)
IPv6 ASCII Logging Error in Windows Randy Chow (Oct 12)
Re: IPv6 ASCII Logging Error in Windows Randy Chow (Oct 18)
Research
Snort Subscriber Rules Update 2016-11-29 Research (Nov 29)
Snort Subscriber Rules Update 2016-11-03 Research (Nov 03)
Snort Subscriber Rules Update 2016-12-06 Research (Dec 06)
Snort Subscriber Rules Update 2016-10-13 Research (Oct 13)
Snort Subscriber Rules Update 2016-11-23 Research (Nov 23)
Snort Subscriber Rules Update 2016-11-08 Research (Nov 08)
Snort Subscriber Rules Update 2016-10-11 Research (Oct 11)
Snort Subscriber Rules Update 2016-10-06 Research (Oct 06)
Snort Subscriber Rules Update 2016-09-30 Research (Oct 04)
Snort Subscriber Rules Update 2016-11-17 Research (Nov 17)
Snort Subscriber Rules Update 2016-12-01 Research (Dec 01)
Snort Subscriber Rules Update 2016-10-25 Research (Oct 25)
Snort Subscriber Rules Update 2016-10-20 Research (Oct 20)
Snort Subscriber Rules Update 2016-12-08 Research (Dec 08)
Snort Subscriber Rules Update 2016-11-30 Research (Nov 30)
Snort Subscriber Rules Update 2016-10-04 Research (Oct 04)
Snort Subscriber Rules Update 2016-11-10 Research (Nov 10)
Snort Subscriber Rules Update 2016-12-13 Research (Dec 13)
Snort Subscriber Rules Update 2016-12-22 Research (Dec 22)
Snort Subscriber Rules Update 2016-10-18 Research (Oct 18)
Snort Subscriber Rules Update 2016-10-11 Research (Oct 11)
Snort Subscriber Rules Update 2016-12-20 Research (Dec 20)
Snort Subscriber Rules Update 2016-12-29 Research (Dec 29)
Snort Subscriber Rules Update 2016-12-13 Research (Dec 13)
Snort Subscriber Rules Update 2016-11-08 Research (Nov 08)
Snort Subscriber Rules Update 2016-11-22 Research (Nov 22)
Snort Subscriber Rules Update 2016-10-25 Research (Oct 25)
Snort Subscriber Rules Update 2016-10-27 Research (Oct 27)
Snort Subscriber Rules Update 2016-12-15 Research (Dec 15)
Snort Subscriber Rules Update 2016-11-01 Research (Nov 01)
Snort Subscriber Rules Update 2016-11-15 Research (Nov 15)
rmkml
Re: CobaltStrike certificate rmkml (Dec 12)
New sig for detecting NTPd DoS rmkml (Dec 02)
Offer a new sig for detecting TrendMicro Interscan Web Security Virtual Appliance User-Agent ShellShock rmkml (Oct 22)
New sig for detecting possible Hancitor maldoc bypass via PNG rmkml (Nov 06)
Re: 回复: Need help with telnet Rmkml (Dec 31)
New sig for detecting a Zip file contains directory traversal rmkml (Nov 14)
Offer a new sig for detecting LibTIFF BadFaxLines tag count possible RCE rmkml (Oct 30)
New sig for detecting TP-Link TDDP SET_CONFIG type buffer overflow rmkml (Nov 22)
Russ
Re: Snort++ crashes abruptly Russ (Dec 14)
Re: Windows broken on snort.conf Russ (Oct 27)
Re: Snort++ crashes abruptly Russ (Dec 14)
Re: Questions on Snort++ Russ (Oct 21)
Re: TCP Urgent data causes HTTPInspect to fail and prevents PAF to flush Russ (Dec 13)
Re: Missing members in struct _daq_modflow when compiling snort3 Russ (Oct 16)
Re: Snort++ crashes abruptly Russ (Dec 14)
Re: Understanding how to debug snort.config Russ (Dec 07)
Re: Port Mirroring Russ (Dec 06)
Re: snort2lua error Russ (Dec 14)
Re: Can Snort notify a user program when it finishes processing a packet? Russ (Oct 26)
Re: Packet Performance Monitor Russ (Oct 03)
Re: snort inline mode and bridge Russ (Oct 25)
Re: Snort OS Fingerprint Scan Detectino Russ (Nov 09)
Re: snort2lua error Russ (Dec 16)
Re: snort inline mode and bridge Russ (Oct 27)
Re: TCP Urgent data causes HTTPInspect to fail and prevents PAF to flush Russ (Dec 16)
Re: Understanding how to debug snort.config Russ (Dec 06)
Re: Windows broken on snort.conf Russ (Oct 26)
Ryan Shuck
Re: Port Mirroring Ryan Shuck (Dec 06)
Savan Patel
error Savan Patel (Oct 14)
Scott Link
Re: Port Mirroring Scott Link (Dec 06)
Scott Thomas
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Scott Thomas (Nov 30)
ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Scott Thomas (Nov 30)
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Scott Thomas (Nov 30)
Re: ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0 Scott Thomas (Nov 30)
sepehr hashtroudilar
Need help with telnet sepehr hashtroudilar (Dec 25)
Re: [Snort-users] 回复: Need help with telnet sepehr hashtroudilar (Dec 25)
Re: [Snort-users] 回复: Need help with telnet sepehr hashtroudilar (Dec 25)
Re: [Snort-users] 回复: Need help with telnet sepehr hashtroudilar (Dec 30)
Seshaiah Erugu (serugu)
Re: IPv6 ASCII Logging Error in Windows Seshaiah Erugu (serugu) (Oct 18)
Re: Windows broken on snort.conf Seshaiah Erugu (serugu) (Oct 26)
Re: Windows broken on snort.conf Seshaiah Erugu (serugu) (Oct 26)
Re: Problem with latest snort.conf file Seshaiah Erugu (serugu) (Oct 19)
Shawn Maggard
Snort vs Proofpoint Emerging Threats Shawn Maggard (Oct 05)
Re: Snort vs Proofpoint Emerging Threats Shawn Maggard (Oct 06)
shekhar $on!
Sig_reference table issue shekhar $on! (Nov 18)
getting db error while running barnyard. shekhar $on! (Nov 16)
include local.rules in snort.rules shekhar $on! (Nov 15)
Re: Sig_reference table issue shekhar $on! (Nov 18)
Re: Sig_reference table issue shekhar $on! (Nov 20)
SiNA
IP Packet Size SiNA (Nov 07)
Snort Releases
Snort 2.9.9.0 has been released! Snort Releases (Dec 14)
Snort++ build 223 is now available on Snort.org! Snort Releases (Dec 22)
Snort++ build 217 is now available on snort.org! Snort Releases (Nov 01)
Stanwyck, Carraig - ASOC, Kansas City, MO
SQLi Injection Attempts Stanwyck, Carraig - ASOC, Kansas City, MO (Oct 19)
Re: Malicious Chrome Extensions Stanwyck, Carraig - ASOC, Kansas City, MO (Nov 09)
Steve Sturges (ststurge)
Re: Windows broken on snort.conf Steve Sturges (ststurge) (Oct 26)
Thomas Mullins
Re: PEN test tool for Snort Thomas Mullins (Oct 20)
Travis McWaters
BLACKLIST DNS request for known malware domain 143biz.cc.md-14.webhostbox.net Travis McWaters (Nov 17)
Turritopsis Dohrnii Teo
Mr. Turritopsis Dohrnii Teo En Ming (Zhang Enming) is Looking for Information Technology-related Job Opportunities World Wide Turritopsis Dohrnii Teo (Nov 17)
Vincent Li
Re: snort inline mode and bridge Vincent Li (Nov 01)
snort inline mode and bridge Vincent Li (Oct 13)
Re: snort inline mode and bridge Vincent Li (Oct 25)
Re: snort inline mode and bridge Vincent Li (Oct 26)
Re: snort inline mode and bridge Vincent Li (Oct 14)
Re: snort inline mode and bridge Vincent Li (Oct 27)
Vinson, John
Request access to snort-users mailing list Vinson, John (Dec 30)
Wei Chea Ang
Re: Rules question Wei Chea Ang (Dec 02)
Will Metcalf
Re: [Emerging-Sigs] Noction IRP Probe sig Will Metcalf (Dec 14)
wkitty42
Re: Snort isn't alerting on some IPs wkitty42 (Dec 18)
Re: Using snort-2.9.8.3.How to connect mariadb with a path like the following ? wkitty42 (Oct 22)
Re: Using snort-2.9.8.3.How to connect mariadb with a path like the following ? wkitty42 (Oct 22)
Re: Can Snort notify a user program when it finishes processing a packet? wkitty42 (Oct 25)
Re: Understanding how to debug snort.config wkitty42 (Dec 06)
Re: Snort Version 2.9.9.0 GRE (Build 56) not writing in Unified2 format wkitty42 (Dec 23)
Re: CobaltStrike certificate wkitty42 (Dec 12)
Re: Snort Alert [gid:sid:revision] instead of signature name Barnyard2 wkitty42 (Oct 24)
Re: error wkitty42 (Oct 14)
Re: Snort OS Fingerprint Scan Detectino wkitty42 (Nov 04)
Re: Snort vs Proofpoint Emerging Threats wkitty42 (Oct 05)
Re: Snort.Conf line 285 wkitty42 (Dec 01)
Re: ERROR: can't find nfq DAQ wkitty42 (Dec 01)
Re: Snort vs Proofpoint Emerging Threats wkitty42 (Oct 05)
Re: error wkitty42 (Oct 14)
Re: Any Good Books out there? wkitty42 (Dec 01)
yasir al-ibrahem
Re: Snort OS Fingerprint Scan Detectino yasir al-ibrahem (Nov 08)
Snort OS Fingerprint Scan Detectino yasir al-ibrahem (Nov 03)
Re: Snort OS Fingerprint Scan Detectino yasir al-ibrahem (Nov 04)
Y M
Re: Seg fault with latest pf_ring git Y M (Nov 01)
Re: Seg fault with latest pf_ring git Y M (Nov 01)
Re: ERROR size 1240 != 864 Y M (Dec 02)
Re: Snort OS Fingerprint Scan Detectino Y M (Nov 04)
Re: snort and snort-rules/ET alerts Y M (Dec 02)
Re: 1337 Bot and TCP options detection Y M (Dec 28)
Re: snort inline mode and bridge Y M (Nov 01)
Re: snort and snort-rules/ET alerts Y M (Dec 02)
Re: snort and snort-rules/ET alerts Y M (Dec 02)
Re: Something is wrong with snort logging? Y M (Nov 08)
Re: How to detect http response body Y M (Nov 02)
Re: Seg fault with latest pf_ring git Y M (Nov 01)
Re: How to detect http response body Y M (Nov 02)
Re: Long over due Y M (Oct 18)
Re: snort inline mode and bridge Y M (Nov 01)
Re: snort inline mode and bridge Y M (Oct 13)
Re: ERROR size 1240 != 864 Y M (Dec 02)
Yuri Niyazov
Trying to use snort with TALOS-2016-0219 Yuri Niyazov (Nov 25)
Re: Trying to use snort with TALOS-2016-0219 Yuri Niyazov (Nov 28)
Zakariae
c822775577302262c60c9417471f91c8ae6a07eb Zakariae (Dec 22)
刘强
Re: How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 22)
Snort cann't check LOIC 刘强 (Nov 22)
Re: How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 22)
How dose suricata load snort dynamic rules (so_rules)? 刘强 (Nov 17)
金欣
Re: Snort-users Digest, Vol 127, Issue 7 金欣 (Dec 02)