Snort mailing list archives
Snort
From: frank.bussink () ch novartis com
Date: Tue, 25 Sep 2001 17:05:20 +0200
Using: snort-1.8.1-RELEASE When a special attempt occurs ( this is a simulation case of a client surfing a Nimda infected web site) Snort produce an error, and corrupts the consistency of my MySQL database. Error Message : database: Unable to insert the alert reference into the DB Rule in web-misc.rule ... alert tcp $EXTERNAL_NET 80 -> $HOME_NET any (msg:"WEB-MISC readme.eml autoload attempt"; flags:A+; content:"window.open(\"readme.eml\""; nocase; classtype:attempted-user; sid:1290; rev:3; reference:url,www.cert.org/advisories/CA-2001-26.html;) ... help !!!! Can anybody guide me ? Frank Bussink _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users