Snort mailing list archives
Question about alert
From: Jason Humes <jhumes () acs on ca>
Date: Tue, 23 Mar 2004 14:35:20 -0500
Hi We use snort to monitor multiple networks for different people. Since we started snort we've been getting some questionable alerts...for example BACKDOOR typot trojan traffic We see with multiple source and destination IPs, and our customers IPs are sometimes the source or destination. There are other alerts like this which I'm not sure if are false positives...Any ideas...thanks ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Question about alert Jason Humes (Mar 23)