Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Question about alert

From: Jason Humes <jhumes () acs on ca>
Date: Tue, 23 Mar 2004 14:35:20 -0500
Hi
We use snort to monitor multiple networks for different people.  Since we
started snort we've been getting some questionable alerts...for example

BACKDOOR typot trojan traffic

We see with multiple source and destination IPs, and our customers IPs are
sometimes the source or destination.  There are other alerts like this which
I'm not sure if are false positives...Any ideas...thanks



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: