Snort: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

777 messages starting Jul 14 05 and ending Jul 13 05
Date index | Thread index | Author index

abanger wu

help:rh3+pptp+radius+mysql error? abanger wu (Jul 14)

Affan Basalamah

Optimizing Snort, MySQL & BASE installation Affan Basalamah (Jul 04)

afshin lamei

snort_inline problem afshin lamei (Sep 26)

Alexandre Ahmim-Richard

Managing multiple sensors ? Alexandre Ahmim-Richard (Sep 28)

Alex Butcher, ISC/ISYS

OT-ish: libpcap apps on x86_64 Alex Butcher, ISC/ISYS (Jul 26)
Re: Managing multiple sensors ? Alex Butcher, ISC/ISYS (Sep 29)
Re: Snort 2.4 and Spade Patch 2.3.2 Alex Butcher, ISC/ISYS (Aug 31)
Re: oinkmaster - disabling rules without getting new updates Alex Butcher, ISC/ISYS (Sep 20)
Re: Second Snort instance killing performance Alex Butcher, ISC/ISYS (Sep 08)
Re: how to further diagnose 'ICMP Destination Unreachable' problem? Alex Butcher, ISC/ISYS (Aug 31)
RE: Second Snort instance killing performance Alex Butcher, ISC/ISYS (Sep 09)
RE: Doubt Alex Butcher, ISC/ISYS (Aug 08)
Re: [Snort-devel] OT-ish: libpcap apps on x86_64 Alex Butcher, ISC/ISYS (Jul 27)
Re: BASE Feature Suggestion to Display Rule Source Alex Butcher, ISC/ISYS (Sep 16)
Re: BandWidth question Alex Butcher, ISC/ISYS (Aug 10)
Re: Second Snort instance killing performance Alex Butcher, ISC/ISYS (Sep 09)
Re: BASE Graphs not working Alex Butcher, ISC/ISYS (Aug 31)

Alex Kirk

Re: New Snort 2.2 Rules Alex Kirk (Sep 14)
Re: Snort Sig 4135 IE JPEG heap overflow problem Alex Kirk (Aug 24)
Re: maximum length for msg? Alex Kirk (Sep 16)
Re: maximum length for msg? Alex Kirk (Sep 15)
Re: maximum length for msg? Alex Kirk (Sep 16)
Re: SMTP Content-Type overflow attempt SID 3461 Alex Kirk (Sep 26)

Ali Eghtessadi

Re: Re: [Snort-sigs] Bad escape sequence? Ali Eghtessadi (Sep 30)

Andreas Östling

Re: Duplicate SIDs recently? Andreas Östling (Sep 25)
Re: snort perf monitoring Andreas Östling (Jul 23)
Re: perfmon-graph Andreas Östling (Sep 16)
Re: Reload rules with out restarting snort completly Andreas Östling (Sep 02)
Re: oinkmaster - disabling rules without getting new updates Andreas Östling (Sep 20)
Re: trouble with pmgraph Andreas Östling (Aug 24)
pmgraph v0.1 released Andreas Östling (Sep 18)

Andre' M. DiMino

RE: New Snort 2.2 Rules Andre' M. DiMino (Sep 14)
RE: log to syslog but not to /var/log/snort/ directory Andre' M. DiMino (Sep 02)
RE: OBSD / PROMISCUOUS Andre' M. DiMino (Sep 19)
RE: learning snort Andre' M. DiMino (Sep 28)
RE: New Snort 2.2 Rules Andre' M. DiMino (Sep 15)

Andy Firman

Re: snort died for no reason Andy Firman (Sep 07)

Angelita de Cássia Corrêa

(no subject) Angelita de Cássia Corrêa (Jul 17)
Re: False positive Angelita de Cássia Corrêa (Jul 18)
snort_decoder Angelita de Cássia Corrêa (Jul 17)
snort_decoder Angelita de Cássia Corrêa (Jul 18)
False positive Angelita de Cássia Corrêa (Jul 18)
Re: False positive Angelita de Cássia Corrêa (Jul 18)

Arthur Chilipweli

RE: Snort config and setup Need you help - Please! Arthur Chilipweli (Jul 13)
Snort config and setup Need you help - Please! Arthur Chilipweli (Jul 13)
RE: Snort config and setup Need you help - Please! Arthur Chilipweli (Jul 13)

arun . seetha

help arun . seetha (Aug 19)

Bahya NASSR EDDINE

Re: ACID and sid-msg.map file Bahya NASSR EDDINE (Jul 15)
ACID and sid-msg.map file Bahya NASSR EDDINE (Jul 15)
alert_syslog does not contain alerts' priorities!! Bahya NASSR EDDINE (Aug 02)
upgrade snort Bahya NASSR EDDINE (Jul 21)
sid-msg.map file & ACID Bahya NASSR EDDINE (Jul 11)
RE: Snort logging to MySQL but not to syslog Bahya NASSR EDDINE (Sep 14)
Re: ACID and sid-msg.map file Bahya NASSR EDDINE (Jul 15)

Bamm Visscher

Re: checksum_mode Bamm Visscher (Sep 05)
Fwd: Re[4]: unified format Bamm Visscher (Aug 19)

Banshee

snort for dummies ? Banshee (Aug 15)
Var Home_Net and NIC talk prob Banshee (Aug 17)
Re: New virus zotob signature Banshee (Aug 15)

Bill Parker

Geez Bill Parker (Sep 17)
Silly Question Bill Parker (Aug 02)

Bill Warren

Re: Looking for Minimum System Requirments for BASE with SQL Bill Warren (Jul 08)
Any problems with Snort 2.3 config file in 2.4.1? Bill Warren (Sep 28)
Looking for Minimum System Requirments for BASE with SQL Bill Warren (Jul 08)
Snort 2.4.2 with ClamAV Bill Warren (Sep 29)

bmc

Possible Evasion in Snort Multi Pattern Algorithm bmc (Jul 12)

Bob Konigsberg

RE: BandWidth question Bob Konigsberg (Aug 09)
RE: juniper IPS Bob Konigsberg (Aug 19)
RE: Appliances using free software Bob Konigsberg (Aug 11)
RE: question about snortsnarf Bob Konigsberg (Aug 15)

Bob Walder

IPS Group Test Edition 3 Bob Walder (Jul 29)
Re: juniper IPS Bob Walder (Aug 19)

Brad Doctor

IPtables QUEUE performance numbers from Ixia Brad Doctor (Aug 25)
Re: IPtables QUEUE performance numbers from Ixia Brad Doctor (Aug 25)

Brett, Gary

A question about taps Brett, Gary (Sep 16)
RE: A question about taps Brett, Gary (Sep 16)

Brian Blake

Bleeding Rules not detecting Brian Blake (Aug 19)
RE: Bleeding Rules not detecting Brian Blake (Aug 19)

Brian Coyle

Re: bad traffic in syn packet Brian Coyle (Sep 19)

Briggs, Bruce

RE: Snort Rules & Variables Briggs, Bruce (Jul 07)
RE: DOUBLE DECODING ATTACK Briggs, Bruce (Aug 18)
RE: Re: BASE vs. ACID Quick Question Briggs, Bruce (Aug 25)
RE: how to further diagnose 'ICMP Destination Unreachable' problem? Briggs, Bruce (Aug 30)
RE: Alerts generated by hosts on which snort is runnung Briggs, Bruce (Sep 14)
RE: ACID and Snort rules Briggs, Bruce (Sep 20)
RE: Lots of http_inspect alerts - configuration hints? Briggs, Bruce (Sep 28)
RE: Snort-Inline, IPTables and Performance Briggs, Bruce (Aug 25)
RE: False positive Briggs, Bruce (Jul 18)

Byron Pezan

MYSQL database maintenance for Snort Byron Pezan (Jul 08)

Cesar Sanabria Pineda

New virus zotob signature Cesar Sanabria Pineda (Aug 15)

Charles Heselton

RE: Need a help Charles Heselton (Jul 10)
RE: Snort Beer Question Charles Heselton (Sep 23)
RE: Remote syslogging with multiple interfaces Charles Heselton (Aug 09)

Chris Lyon

Re: juniper IPS Chris Lyon (Aug 19)
Re: BandWidth question Chris Lyon (Aug 09)

chrisnospam75-snortusers

mysql error 145 "mysql cannot open file xxx.myi" chrisnospam75-snortusers (Sep 19)

Chris Stankaitis

syslog facility Chris Stankaitis (Jul 14)

Christopher

mysql error No. 145 "mysql cannot open file xx.myi" Christopher (Aug 23)

Chris W. Parker

Almost there! Complaining about no MySQL support after recompiling with --with-mysql Chris W. Parker (Aug 24)
how to further diagnose 'ICMP Destination Unreachable' problem? Chris W. Parker (Aug 29)
RE: Almost there! Complaining about no MySQL support after recompiling with --with-mysql Chris W. Parker (Aug 25)
RE: Almost there! Complaining about no MySQL support after recompiling with --with-mysql Chris W. Parker (Aug 25)
RE: how to further diagnose 'ICMP Destination Unreachable' problem? Chris W. Parker (Aug 30)
RE: Help newb understand how Snort is supposed to run. Chris W. Parker (Aug 24)
Help newb understand how Snort is supposed to run. Chris W. Parker (Aug 24)

Cody Holland

TCP Portsweep Cody Holland (Aug 22)
Snort 2.4 port for FreeBSD Cody Holland (Sep 23)

Cor Koelewijn

Re: snort init.d script wont start snort in suse Cor Koelewijn (Jul 30)
snort init.d script wont start snort in suse Cor Koelewijn (Jul 29)

Court Graham

Tcpdump full conversation capture Court Graham (Sep 28)

Craig Mueller

SMTP Content-Type overflow attempt SID 3461 Craig Mueller (Sep 26)

Dahlmann, Stephan

Snort not logging to syslog Dahlmann, Stephan (Sep 19)
RE: Snort logging to MySQL but not to syslog Dahlmann, Stephan (Sep 14)
Snort logging to MySQL - but not to syslog Dahlmann, Stephan (Sep 14)
Lots of http_inspect alerts - configuration hints? Dahlmann, Stephan (Sep 28)
Snort logging to MySQL but not to syslog Dahlmann, Stephan (Sep 14)

dajackman

Re: Snort and gzip Encode Question dajackman (Aug 19)
Snort and gzip Encode Question dajackman (Aug 19)
Re: [Snort-sigs] Bad escape sequence? dajackman (Sep 30)

Daniel Cid

Re: SYN Proxy Daniel Cid (Jul 20)
Re: Alert on new IP in use? Daniel Cid (Aug 01)

Dario Alonso

uricontent error Dario Alonso (Sep 14)

Dave Peters

New to snort Dave Peters (Aug 26)

David Gullett

Snort Report 1.3 David Gullett (Sep 19)

David Klotz

Re: snort deployment David Klotz (Aug 30)

David Naylor

RE: MYSQL 4.0 root login attempt David Naylor (Aug 18)
RE: MYSQL 4.0 root login attempt David Naylor (Aug 17)
RE: making Snort listen to correct NIC David Naylor (Jul 07)
RE: making Snort listen to correct NIC David Naylor (Jul 06)
RE: MYSQL 4.0 root login attempt David Naylor (Aug 16)
MYSQL 4.0 root login attempt David Naylor (Aug 16)
making Snort listen to correct NIC David Naylor (Jul 01)
remote SQL logging error David Naylor (Aug 11)
RE: making Snort listen to correct NIC David Naylor (Jul 06)

ddodge

ACID/BASE vs PRELUDE ddodge (Sep 19)

deny

snort inline deny (Aug 24)
snort inline with mysql deny (Aug 25)
connecting snort at mysql deny (Jul 02)
Version 2.3.1 (Build 11) '''' By Martin Roesch & The Snort Team: http://www.snort.org/team.html (C) Copyright 1998-2004 Sourcefire Inc., et al. Received error message 16 deny (Aug 21)
connecting snort and mysql deny (Jul 02)

dgullett

Snort Report 1.3 dgullett (Sep 13)

Diego Cavalcante Fernandes

Alert with bug? Diego Cavalcante Fernandes (Aug 24)
Signature has generate alert without match with the packet Diego Cavalcante Fernandes (Aug 26)

Dino Dragovic

Re: How to test snort inline Dino Dragovic (Sep 29)

Dirk Geschke

Re: maximum length for msg? Dirk Geschke (Sep 16)
Re: Tagged packets Dirk Geschke (Aug 30)
Re: Snort and mysql.sock Dirk Geschke (Sep 08)
Re: maximum length for msg? Dirk Geschke (Sep 16)
Re: Quick Barnyard question... Dirk Geschke (Aug 11)
Re: Problems with MySQL & Snort Dirk Geschke (Aug 02)
Re: Snort and mysql.sock Dirk Geschke (Sep 08)

Dodd, David J

question about snortsnarf Dodd, David J (Aug 15)

Dominik Gehl

Re: Snort Beer Question Dominik Gehl (Sep 23)
Re: Snort Beer Question Dominik Gehl (Sep 23)

Donofrio, Lewis

Suse 9.0 enterp - sensor setup issue. Donofrio, Lewis (Sep 19)
Re: Snort InLine Mode Donofrio, Lewis (Aug 09)
Re: Alert on new IP in use? Donofrio, Lewis (Aug 04)

Dragos Ruiu

PacSec05 Dragos Ruiu (Sep 26)
PacSec/core05 Call For Papers Dragos Ruiu (Jul 12)

Earl Sammons

2.4.0 snort/snort-mysql RPM conflict Earl Sammons (Jul 28)
2.4.0 RPM - inline conflics w/ snort Earl Sammons (Jul 29)
Re: 2.4.0 snort/snort-mysql RPM conflict Earl Sammons (Jul 29)

East, Bill

Alternate to Snortcenter2? East, Bill (Sep 23)
RE: Alternate to Snortcenter2? East, Bill (Sep 23)

Eric Hines

Re: A question about taps Eric Hines (Sep 16)
Re: A question about taps Eric Hines (Sep 16)
RE: Appliances using free software Eric Hines (Aug 11)
RE: testing snorts Eric Hines (Sep 12)
RE: Appliances using free software Eric Hines (Aug 11)
Re: New Snort 2.2 Rules Eric Hines (Sep 14)
Re: New Snort 2.2 Rules Eric Hines (Sep 14)
RE: Snort + ISS Console Eric Hines (Aug 11)
RE: Appliances using free software Eric Hines (Aug 11)
RE: A question about taps Eric Hines (Sep 16)

eric-list-snort-users

Re: Problem with barnyard 0.2.0 and snort 2.4.0 eric-list-snort-users (Aug 20)
Problem with barnyard 0.2.0 and snort 2.4.0 eric-list-snort-users (Aug 19)
Re: Problem! Install HenWen, now LetterStick wont launch eric-list-snort-users (Sep 24)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 eric-list-snort-users (Aug 20)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 eric-list-snort-users (Aug 20)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 eric-list-snort-users (Aug 20)

Eric Maheo

Re: Will Snort understand something like this? Eric Maheo (Sep 28)
Re: PIM - Multicasts Eric Maheo (Aug 23)
Re: Bleeding Rules not detecting Eric Maheo (Aug 19)
Re: Frag3 doc discrepancy Eric Maheo (Aug 17)

Eric Wood

FC4 and RHEL4 binaries? Eric Wood (Aug 29)

Evan J

Re: Snort and mysql.sock Evan J (Sep 08)
Re: Problem with permissions when snort ran as user "snort" Evan J (Sep 09)

Ferguson, Justin (IARC)

Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 13)
RE: Re: [Snort-users] Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 14)
FW: Re: [Snort-users] Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 14)
RE: Re: [Snort-users] Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 15)
RE: Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 13)
RE: Re: [Snort-users] Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 15)
RE: Re: [Snort-users] Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 16)
RE: Re: [Snort-users] Snort DoS Fallacies Ferguson, Justin (IARC) (Sep 14)

fiorenzi

how to configure snort with vlan fiorenzi (Sep 19)

fizza hafiz

please help me....!!!!!! fizza hafiz (Sep 19)
attention....please...i really need your help.. fizza hafiz (Sep 19)

Flora.francesco

(snort_decoder): Short UDP packet, length field > payload length Flora.francesco (Jul 07)

fname lname

snort deployment fname lname (Aug 29)
Re: snort deployment fname lname (Aug 30)

Frank Knobbe

Re: Snort 2.4.0 problem Frank Knobbe (Jul 29)
Re: Reload rules with out restarting snort completly Frank Knobbe (Sep 02)
Re: Snort v2.3.4 Frank Knobbe (Jul 26)
Re: Reload rules with out restarting snort completly Frank Knobbe (Sep 02)
Re: [Snort-sigs] bad traffic in syn packet Frank Knobbe (Sep 07)
Re: Snort 2.4 port for FreeBSD Frank Knobbe (Sep 23)
Re: Snort v2.3.4 Frank Knobbe (Jul 26)
Re: SSH and telnet Login Attempt Rules Frank Knobbe (Sep 27)
Re: Snort 2.4.0 problem Frank Knobbe (Jul 29)

gary douglas

P2P traffic? gary douglas (Jul 21)

Gary Richardson

Re: Optimizing Snort, MySQL & BASE installation Gary Richardson (Jul 04)

Gene R Gomez

Re: ACID/BASE vs PRELUDE Gene R Gomez (Sep 19)
Re: Re: ACID/BASE vs PRELUDE Gene R Gomez (Sep 19)
Re: SSH and telnet Login Attempt Rules Gene R Gomez (Sep 27)

George Laiacona

Snort w/ Base not recording hits. George Laiacona (Aug 19)

Gianluca Varenni

[ANNOUNCE] WinPcap 3.1 has been released Gianluca Varenni (Aug 05)

Giri Vardhan Valluru

Advantages of Snort IDS over eTrust IDS Giri Vardhan Valluru (Aug 24)

Guillaume Arcas

Re: ACID and sid-msg.map file Guillaume Arcas (Jul 15)
Re: ACID and sid-msg.map file Guillaume Arcas (Jul 15)

Gutemberg A. Vieira

Software from SourceFire is free? Gutemberg A. Vieira (Aug 12)
Snort + ISS Console Gutemberg A. Vieira (Aug 11)
Appliances using free software Gutemberg A. Vieira (Aug 11)

hans

Re: DOUBLE DECODING ATTACK hans (Aug 22)
DOUBLE DECODING ATTACK hans (Aug 18)

Harry Hoffman

Re: Tapping into the ring buffer Harry Hoffman (Aug 19)

Hartman, Shane

RE: Snort and mysql.sock Hartman, Shane (Sep 08)

Hin

Re: Will Snort understand something like this? Hin (Sep 28)
Will Snort understand something like this? Hin (Sep 28)
Stream4 min_ttl option Hin (Aug 22)
frag3 configuration Hin (Aug 16)
Tagged packets Hin (Aug 30)
Policy VNC server response Hin (Sep 28)

Humes, David G.

RE: oinkmaster - disabling rules without getting new updates Humes, David G. (Sep 19)
oinkmaster - disabling rules without getting new updates Humes, David G. (Sep 19)

Igor Belikov

Re[2]: unified format Igor Belikov (Aug 19)
Re[4]: unified format Igor Belikov (Aug 19)
unified format Igor Belikov (Aug 18)
Re: Fwd: Re[4]: unified format Igor Belikov (Aug 22)

James Beistle

Nubie installing latest James Beistle (Sep 13)
nubie first attempt to start snort failed James Beistle (Sep 12)

James B Horwath

learning snort James B Horwath (Sep 28)

James Bruce

RE: IPS James Bruce (Jul 26)

James Lay

Interesting issue.. James Lay (Sep 02)

James Riden

Re: Alert on new IP in use? James Riden (Aug 03)
Re: Alert on new IP in use? James Riden (Aug 01)
Re: Doubt James Riden (Aug 05)

Jason

Re: Re: Possible Evasion in Snort Multi Pattern Algorithm Jason (Jul 13)
Re: Problem! Install HenWen, now LetterStick wont launch Jason (Sep 24)
Re: Snort 2.4.1 Available Jason (Sep 17)
Re: SSH and telnet Login Attempt Rules Jason (Sep 27)
Re: [Snort-Users] Snort 2.4.1 Available Jason (Sep 18)

Jason Alexander

Re: Alternate to Snortcenter2? Jason Alexander (Sep 28)

Jason Benway

Re: Alert on new IP in use? Jason Benway (Aug 09)
Re: Alert on new IP in use? Jason Benway (Aug 03)
(no subject) Jason Benway (Aug 01)
Re: not logging to database Jason Benway (Aug 01)
Re: (no subject) Jason Benway (Aug 01)
Re: (no subject) Jason Benway (Aug 01)
Re: (no subject) Jason Benway (Aug 01)
Re: (no subject) Jason Benway (Aug 01)

Jason Brvenik

Re: log to syslog but not to /var/log/snort/ directory Jason Brvenik (Sep 05)
Re: Software from SourceFire is free? Jason Brvenik (Aug 12)
Re: SYN Proxy Jason Brvenik (Jul 19)
Re: not load snort rules when I use -D option Jason Brvenik (Sep 05)
Re: checksum_mode Jason Brvenik (Sep 05)
Re: Net minus one address? Jason Brvenik (Aug 01)
Re: not load snort rules when I use -D option Jason Brvenik (Sep 06)
Re: not load snort rules when I use -D option Jason Brvenik (Sep 05)
Re: Output unified Jason Brvenik (Jul 22)
Re: RNA Config Jason Brvenik (Aug 15)
Re: (no subject) Jason Brvenik (Aug 01)
Re: snort deployment Jason Brvenik (Aug 30)
Re: decode_data_link option Jason Brvenik (Sep 05)
Re: windows platform, looking for easy cisco ACL mang solution Jason Brvenik (Jul 31)
Re: Re: Snort-users digest, Vol 1 #5192 - 5 msgs Jason Brvenik (Jul 14)
Re: Snort 2.4 and Spade Patch 2.3.2 Jason Brvenik (Sep 19)
Re: sfPortscan IP list ? Jason Brvenik (Sep 02)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 Jason Brvenik (Sep 19)
Re: (no subject) Jason Brvenik (Aug 01)
Re: Correlation on Snort Events Jason Brvenik (Sep 06)
Re: New virus zotob signature Jason Brvenik (Aug 15)
Re: (snort_decoder): Short UDP packet, length field > payload length Jason Brvenik (Jul 14)

Jason Haar

Re: uricontent error Jason Haar (Sep 14)
Re: Second Snort instance killing performance Jason Haar (Sep 08)

Jason Warren

spp_arpspoof Jason Warren (Jul 21)

Jeff Coppock

Re: Alert on new IP in use? Jeff Coppock (Aug 02)

Jeff Dell

RE: Appliances using free software Jeff Dell (Aug 11)
RE: Snort performance concerns Jeff Dell (Sep 30)
RE: Appliances using free software Jeff Dell (Aug 11)
RE: (no subject) Jeff Dell (Aug 01)
Honeynet Security Console 2.5 Released Jeff Dell (Aug 16)
RE: Snort performance concerns Jeff Dell (Sep 30)
RE: nubie first attempt to start snort failed Jeff Dell (Sep 12)
RE: Snort config and setup Need you help - Please! Jeff Dell (Jul 13)
RE: Old Snort binaries for Windows Jeff Dell (Sep 12)
RE: Alerts Jeff Dell (Jul 27)
RE: Snort 2.4 Released! Jeff Dell (Jul 28)

Jeff Kell

Selective pcaps on demand? Jeff Kell (Aug 19)
Duplicate SIDs recently? Jeff Kell (Sep 25)
Quick Barnyard question... Jeff Kell (Aug 11)
reference tags: snort, bleeding sigs, database plugin,MySQL, BASE, somebody! Jeff Kell (Aug 03)
Re: Quick Barnyard question... Jeff Kell (Aug 11)
Re: postscan Jeff Kell (Sep 15)
Re: MYSQL database maintenance for Snort Jeff Kell (Jul 08)

Jennifer Steffens

Re: Snort v2.3.4 Jennifer Steffens (Jul 27)
Snort 2.4.2 Now Available Jennifer Steffens (Sep 28)
Remote Vulnerability in Snort - Fix and Workaround Available Jennifer Steffens (Sep 12)
Re: Snort 2.4.1 Available Jennifer Steffens (Sep 17)
Snort Lunch at DefCon Jennifer Steffens (Jul 22)
Snort/Sguil Meeting in San Francisco, CA Jennifer Steffens (Aug 02)
OSSRC Web Site Live Jennifer Steffens (Jul 25)
Re: Upcoming Snort User Group Meetings Jennifer Steffens (Sep 08)
Upcoming Snort User Group Meetings Jennifer Steffens (Sep 08)
Snort 2.4 Released! Jennifer Steffens (Jul 28)
Snort 2.4.1 Available Jennifer Steffens (Sep 16)

Jennifer Talcott

Reminder - Upcoming Snort User Group Meetings Jennifer Talcott (Sep 19)

Jeremy M. Guthrie

ids-load-balancing-HOWTO Jeremy M. Guthrie (Jul 27)

Joel Esler

Re: sid-msg.map file & ACID Joel Esler (Jul 11)
Re: Snort performance concerns Joel Esler (Sep 30)
Movin' on up... Joel Esler (Jul 21)
Re: (snort_decoder): Short UDP packet, length field > payload length Joel Esler (Jul 14)
Re: Map Bleeding snort signature name in ACID/BASE Joel Esler (Sep 08)
Re: syslog facility Joel Esler (Jul 14)
Re: snort_decoder Joel Esler (Jul 17)
Re: Snort and gzip Encode Question Joel Esler (Aug 19)
Re: syslog facility Joel Esler (Jul 14)
Re: Quick Barnyard question... Joel Esler (Aug 15)
Re: learning snort Joel Esler (Sep 28)
Re: Will Snort understand something like this? Joel Esler (Sep 28)
Re: Policy VNC server response Joel Esler (Sep 28)
Re: A question about taps Joel Esler (Sep 16)
Re: uricontent error Joel Esler (Sep 14)
Re: Re: BASE vs. ACID Quick Question Joel Esler (Sep 19)
Re: snort/acid/base not displaying portscan traffic Joel Esler (Jul 14)
Re: ACID/BASE vs PRELUDE Joel Esler (Sep 19)
Re: Quick Barnyard question... Joel Esler (Aug 13)
Re: Snort performance concerns Joel Esler (Sep 30)
Re: False positive Joel Esler (Jul 18)
Re: Signature has generate alert without match with the packet Joel Esler (Aug 26)
Re: Tcpdump full conversation capture Joel Esler (Sep 28)
Re: Snort on Multiple Interfaces Joel Esler (Jul 22)
Re: Alternate to Snortcenter2? Joel Esler (Sep 23)
Re: Reload rules with out restarting snort completly Joel Esler (Sep 03)
Re: BASE Feature Suggestion to Display Rule Source Joel Esler (Sep 15)
Re: oinkmaster - disabling rules without getting new updates Joel Esler (Sep 19)
Re: question about snortsnarf Joel Esler (Aug 15)
Re: Re: Possible Evasion in Snort Multi Pattern Algorithm Joel Esler (Jul 13)
Re: Snort not logging to syslog Joel Esler (Sep 19)
Re: Snort Rules & Variables Joel Esler (Jul 07)

Joe Patterson

RE: Tapping into the ring buffer Joe Patterson (Aug 22)

Joe Pope

RE: making Snort listen to correct NIC Joe Pope (Jul 06)

Joe S

Re: Snort Beer Question Joe S (Sep 23)
Snort -u not creating logfiles with correct ownership Joe S (Sep 16)
Re: [Snort-Users] Snort 2.4.1 Available Joe S (Sep 18)

John Creegan

Re: Re: BASE vs. ACID Quick Question John Creegan (Aug 25)
Re: BASE vs. ACID Quick Question John Creegan (Aug 25)

John C. Silvia

Re: Help newb understand how Snort is supposed to run. John C. Silvia (Aug 25)

John Hally

http_inspect ?'s John Hally (Jul 26)
http_inspect ? John Hally (Jul 28)
bad traffic in syn packet John Hally (Sep 06)
Snort 2.4.0 problem John Hally (Jul 29)
snortcenter2 and "no updates at this time" John Hally (Jul 11)
RE: Remote syslogging with multiple interfaces John Hally (Aug 09)
RE: snort perf monitoring John Hally (Jul 25)
snort perf monitoring John Hally (Jul 22)

Jonathan Scheidell

Snort Sig 4135 IE JPEG heap overflow problem Jonathan Scheidell (Aug 24)

Joshua Berry

RE: making Snort listen to correct NIC Joshua Berry (Jul 06)
RE: making Snort listen to correct NIC Joshua Berry (Jul 01)
RE: Snort performance concerns Joshua Berry (Sep 30)
RE: (no subject) Joshua Berry (Aug 01)
RE: Remote syslogging with multiple interfaces Joshua Berry (Aug 09)
RE: snort rule firing order Joshua Berry (Sep 13)

J.Smith

Re: [Snort-devel] Detecting TCP Timestamp PAWS DoS from tracefile J.Smith (Aug 07)
Re: [Snort-devel] Detecting TCP Timestamp PAWS DoS from tracefile J.Smith (Aug 07)
Detecting TCP Timestamp PAWS DoS from tracefile J.Smith (Aug 07)
Re: [Snort-devel] Detecting TCP Timestamp PAWS DoS from tracefile J.Smith (Aug 07)

Justin Heath

snort-mysql packages for RHEL3 Justin Heath (Aug 16)

Kamal Ahmed

Correlation on Snort Events Kamal Ahmed (Sep 05)

Kevin Johnson

Re: connecting snort at mysql Kevin Johnson (Jul 03)
Re: Snort w/ Base not recording hits. Kevin Johnson (Aug 19)
Re: Optimizing Snort, MySQL & BASE installation Kevin Johnson (Jul 04)
Re: reference tags: snort, bleeding sigs, database plugin,MySQL, BASE, somebody! Kevin Johnson (Aug 06)
Re: Error in ACID??? Kevin Johnson (Aug 12)
BASE 1.1.4 released Kevin Johnson (Aug 09)
Re: BASE Graphs not working Kevin Johnson (Aug 30)
Re: [Secureideas-base-user] Fwd: Database ERROR:Database ERROR:Got error 134 from table handler Kevin Johnson (Aug 16)
Re: BASE Feature Suggestion to Display Rule Source Kevin Johnson (Sep 16)
Re: Re: Image_Graph Quick Question Kevin Johnson (Sep 16)

Kevin Ponds

Re: Remote syslogging with multiple interfaces Kevin Ponds (Aug 09)
Remote syslogging with multiple interfaces Kevin Ponds (Aug 08)

Kevin Reiter

Re: Doubt Kevin Reiter (Aug 05)
Re: making Snort listen to correct NIC Kevin Reiter (Jul 07)
Re: windows 2k interface cmd in conf Kevin Reiter (Jul 07)
Re: Problem! Install HenWen, now LetterStick wont launch Kevin Reiter (Sep 25)
Re: Error in ACID??? Kevin Reiter (Aug 12)
Re: Doubt Kevin Reiter (Aug 05)
Re: windows 2k interface cmd in conf Kevin Reiter (Jul 07)
Re: help Kevin Reiter (Aug 19)
Re: Appliances using free software Kevin Reiter (Aug 11)

kliaaen

Bug(?): mysql reserved name usage kliaaen (Sep 22)

Kolanovic, Tomislav/Human Resources

RE: Old unified log files Kolanovic, Tomislav/Human Resources (Jul 15)
Old unified log files Kolanovic, Tomislav/Human Resources (Jul 15)
RE: Old unified log files Kolanovic, Tomislav/Human Resources (Jul 18)

Kretzer, Jason R (Big Sandy)

RE: testing snorts Kretzer, Jason R (Big Sandy) (Sep 12)
snort rule firing order Kretzer, Jason R (Big Sandy) (Sep 13)
RE: Nubie installing latest Kretzer, Jason R (Big Sandy) (Sep 13)

Kris Karas

Re: ACID/BASE vs PRELUDE Kris Karas (Sep 19)
Re: ACID/BASE vs PRELUDE Kris Karas (Sep 20)

Ks, Mithun (GE Commercial Finance, non-GE)

RE: Doubt Ks, Mithun (GE Commercial Finance, non-GE) (Aug 05)
RE: Need a help Ks, Mithun (GE Commercial Finance, non-GE) (Jul 07)
Need a help Ks, Mithun (GE Commercial Finance, non-GE) (Jul 07)
Doubt Ks, Mithun (GE Commercial Finance, non-GE) (Aug 05)

Kunael

Re: Error in ACID??? Kunael (Aug 18)
Error in ACID??? Kunael (Aug 12)

Larry Wichman

(no subject) Larry Wichman (Sep 12)
Snort performance concerns Larry Wichman (Sep 30)
trouble with pmgraph Larry Wichman (Aug 23)
Re: Snort performance concerns Larry Wichman (Sep 30)
trouble with pmgraph Larry Wichman (Aug 30)

Lean Cornelius

Snort & ACID Lean Cornelius (Aug 15)
RE: Snort & ACID Lean Cornelius (Aug 15)
RE: BASE Graphs not working Lean Cornelius (Aug 30)
BASE Graphs not working Lean Cornelius (Aug 30)

Lee Clemens

RE: sfPortscan IP list ? Lee Clemens (Aug 31)

lmarcilly

Output unified lmarcilly (Jul 22)

Luca Losio

Snort and mysql.sock Luca Losio (Sep 08)
Re: Snort and mysql.sock Luca Losio (Sep 08)

LW

Dumb BASE question LW (Sep 20)

MAEDA

Re: snort deployment MAEDA (Aug 29)

Marcin Sura

Alerts generated by hosts on which snort is runnung Marcin Sura (Sep 14)

Marc Norton

Re: Second Snort instance killing performance Marc Norton (Sep 19)

Martin Muench

Can't compile snort inline on FC3 Martin Muench (Aug 18)

Martin Roesch

Re: [Snort-Users] Snort 2.4.1 Available Martin Roesch (Sep 18)
Re: Snort DoS Fallacies Martin Roesch (Sep 13)
Re: Snort DoS Fallacies Martin Roesch (Sep 13)
Re: Re: [Snort-users] Snort DoS Fallacies Martin Roesch (Sep 14)
Re: Snort 2.4.1 Available Martin Roesch (Sep 18)
Re: Snort DoS Fallacies Martin Roesch (Sep 13)
Re: Snort 2.4 Released! Martin Roesch (Jul 28)
Re: snort_decoder Martin Roesch (Jul 17)
Snort SACK Option DoS clarifications Martin Roesch (Sep 12)
Re: 2.4.0 snort/snort-mysql RPM conflict Martin Roesch (Jul 28)
Re: Snort -T and -K in 2.4.1 Martin Roesch (Sep 19)
Re: Snort DoS Fallacies Martin Roesch (Sep 13)
Re: Snort -T and -K in 2.4.1 Martin Roesch (Sep 19)
Re: Snort DoS Fallacies Martin Roesch (Sep 13)

Matthew K. Lee

Frag3 doc discrepancy Matthew K. Lee (Aug 17)

Matt Jonkman

Snort Signature Translations Almost Ready!! Matt Jonkman (Sep 19)

Matt Kettler

Re: Alert on new IP in use? Matt Kettler (Aug 01)
Re: Is snort an over kill just for apache? Matt Kettler (Aug 24)
Re: Variable to specify 2 networks and exclude 1 host - How? Matt Kettler (Jul 14)
Re: Undocumented SIDs Matt Kettler (Jul 21)
Re: juniper IPS Matt Kettler (Aug 19)
Re: help Matt Kettler (Aug 19)
Re: windows 2k interface cmd in conf Matt Kettler (Jul 06)
Re: False positive Matt Kettler (Jul 18)
Re: snort perf monitoring Matt Kettler (Jul 22)
Re: UNSUBSCRIBE Matt Kettler (Jul 13)
Re: Remote syslogging with multiple interfaces Matt Kettler (Aug 09)
Re: SYN Proxy Matt Kettler (Jul 20)
Re: SYN Proxy Matt Kettler (Jul 19)
Re: Snort -u not creating logfiles with correct ownership Matt Kettler (Sep 16)
Re: Undocumented SIDs Matt Kettler (Jul 21)
Re: Maximum Number Of IPs Per Variable In snort.conf Matt Kettler (Aug 01)
Re: Snort config and setup Need you help - Please! Matt Kettler (Jul 13)
Re: question about snortsnarf Matt Kettler (Aug 15)
Re: IPS Matt Kettler (Jul 26)
Re: Snort config and setup Need you help - Please! Matt Kettler (Jul 13)
Re: Alert on new IP in use? Matt Kettler (Aug 01)
Re: BandWidth question Matt Kettler (Aug 09)

Matt Linton

Snort-Inline, IPTables and Performance Matt Linton (Aug 24)
Re: Snort-Inline, IPTables and Performance Matt Linton (Aug 25)
Re: Snort-Inline, IPTables and Performance Matt Linton (Aug 25)

McCash, John

BASE Feature Suggestion to Display Rule Source McCash, John (Sep 15)

Michael Boman

Re: Reload rules with out restarting snort completly Michael Boman (Sep 02)

Michael Schwartzkopff

Re: RNA Config Michael Schwartzkopff (Aug 15)

Michael Sierchio

Re: Get/wget sigs? Michael Sierchio (Sep 27)
Re: postscan Michael Sierchio (Sep 15)

Michael Steele

RE: windows 2k interface cmd in conf Michael Steele (Jul 07)
RE: [Snort-Users] Snort 2.4.1 Available Michael Steele (Sep 18)
RE: Old Snort binaries for Windows Michael Steele (Sep 12)
RE: question about snortsnarf Michael Steele (Aug 15)
RE: Snort 2.4.1 Available Michael Steele (Sep 17)
RE: [Snort-Users] Snort 2.4.1 Available Michael Steele (Sep 18)
RE: [ANNOUNCE] WinPcap 3.1 has been released - FAILS with SNORT - READ... Michael Steele (Aug 06)
RE: Snort 2.4.1 Available Michael Steele (Sep 17)

Michael Stone

Re: [Snort-Users] Snort 2.4.1 Available Michael Stone (Sep 18)
Re: Optimizing Snort, MySQL & BASE installation Michael Stone (Jul 04)
Re: Optimizing Snort, MySQL & BASE installation Michael Stone (Jul 04)

Mihai Petre

Re: Quick Barnyard question... Mihai Petre (Aug 11)
Re: Quick Barnyard question... Mihai Petre (Aug 11)

Milani Paolo

Re: Tapping into the ring buffer Milani Paolo (Aug 23)

Min Qiu

RE: Quick Barnyard question... Min Qiu (Aug 11)
RE: Frag3 doc discrepancy Min Qiu (Aug 17)
juniper IPS Min Qiu (Aug 19)
RE: Quick Barnyard question... Min Qiu (Aug 15)
RE: snort-mysql packages for RHEL3 Min Qiu (Aug 16)
RE: Quick Barnyard question... Min Qiu (Aug 15)

Mohamed Eldesoky

Database ERROR:Database ERROR:Got error 134 from table handler Mohamed Eldesoky (Aug 15)
Re: Database ERROR:Database ERROR:Got error 134 from table handler Mohamed Eldesoky (Aug 17)
Re: Database ERROR:Database ERROR:Got error 134 from table handler Mohamed Eldesoky (Aug 16)

M Raju

Re: Advantages of Snort IDS over eTrust IDS M Raju (Aug 24)

M. Shirk

Re: Undocumented SIDs M. Shirk (Jul 21)
RE: (snort_decoder): Short UDP packet, length field > payload leng M. Shirk (Jul 14)
RE: Bleeding Rules not detecting M. Shirk (Aug 19)
Re: (no subject) M. Shirk (Aug 01)
RE: Bleeding Rules not detecting M. Shirk (Aug 19)
RE: (no subject) M. Shirk (Aug 01)
RE: question about snortsnarf M. Shirk (Aug 18)
RE: Snort & ACID M. Shirk (Aug 15)
RE: (snort_decoder): Short UDP packet, length field > payload leng M. Shirk (Jul 14)

Murali Raju

Re: Second Snort instance killing performance Murali Raju (Sep 12)
Re: PPTP and Cisco IPSEC Murali Raju (Sep 13)
Re: [Snort-Users] Snort 2.4.1 Available Murali Raju (Sep 19)

nard

No content match in modern snorts nard (Sep 20)

Nick Plante

Re: Snort-users digest, Vol 1 #5189 - 7 msgs Nick Plante (Jul 08)
Re: Snort-users digest, Vol 1 #5213 - 2 msgs Nick Plante (Jul 30)
Re: Snort-users digest, Vol 1 #5267 - 1 msg Nick Plante (Sep 10)
Re: Snort-users digest, Vol 1 #5242 - 7 msgs Nick Plante (Aug 20)
Re: Snort-users digest, Vol 1 #5225 - 3 msgs Nick Plante (Aug 09)
Re: Snort-users digest, Vol 1 #5201 - 5 msgs Nick Plante (Jul 19)
Re: Snort-users digest, Vol 1 #5257 - 7 msgs Nick Plante (Aug 31)

Nigel Houghton

Sourcefire VRT Update for Zotob Worm Nigel Houghton (Aug 15)
MS05-039 and Zotob worm Nigel Houghton (Aug 14)
Re: New Snort 2.2 Rules (Walt Rich) Nigel Houghton (Sep 14)
Re: Undocumented SIDs Nigel Houghton (Jul 21)

Nils Fragoso

Promiscuous mode Nils Fragoso (Sep 08)
Portscan Nils Fragoso (Aug 25)

Ollie Walsh

RNA Config Ollie Walsh (Aug 15)

Omar F. Altom

installing snort Omar F. Altom (Sep 23)

O'Sullivan, Mairtin

Maximum Number Of IPs Per Variable In snort.conf O'Sullivan, Mairtin (Aug 01)
RE: Maximum Number Of IPs Per Variable In snort.conf O'Sullivan, Mairtin (Aug 02)

Pablo Nebrera

Re: log to syslog but not to /var/log/snort/ directory Pablo Nebrera (Sep 07)
RE: log to syslog but not to /var/log/snort/ directory Pablo Nebrera (Sep 05)
checksum_mode Pablo Nebrera (Sep 05)
log to syslog but not to /var/log/snort/ directory Pablo Nebrera (Sep 02)
Reload rules with out restarting snort completly Pablo Nebrera (Sep 02)
Re: not load snort rules when I use -D option Pablo Nebrera (Sep 06)
decode_data_link option Pablo Nebrera (Sep 05)
not load snort rules when I use -D option Pablo Nebrera (Sep 05)

Passreality

Perfmonitor Passreality (Sep 19)

Patrick Harper

RE: Error in ACID??? Patrick Harper (Aug 12)
RE: Help newb understand how Snort is supposed to run. Patrick Harper (Aug 24)
RE: Tcpdump full conversation capture Patrick Harper (Sep 28)
RE: FC4 and RHEL4 binaries? Patrick Harper (Aug 29)
RE: IPS Patrick Harper (Jul 26)
RE: installing snort Patrick Harper (Sep 23)
RE: Upcoming Snort User Group Meetings Patrick Harper (Sep 08)
RE: Help newb understand how Snort is supposed to run. Patrick Harper (Aug 25)
RE: snort deployment Patrick Harper (Aug 29)
RE: Install guide help-- for Snort, Apache, SSL, PHP, and BASE install on Red hat WS 3 Patrick Harper (Aug 11)
RE: snort for dummies ? Patrick Harper (Aug 15)
RE: (no subject) Patrick Harper (Sep 02)
RE: snort died for no reason Patrick Harper (Sep 07)
RE: Doubt patrick harper (Aug 05)
RE: New to snort Patrick Harper (Aug 26)
RE: Get/wget sigs? Patrick Harper (Sep 27)
RE: Snort config and setup Need you help - Please! Patrick Harper (Jul 13)

Patrick Walsh

RE: learning snort Patrick Walsh (Sep 29)

Paule

snort/acid/base not displaying portscan traffic Paule (Jul 14)

Paul Melson

RE: snort variable to specify 2 networks and exclude one IP inside the network - How? Paul Melson (Jul 11)
RE: PPTP and Cisco IPSEC Paul Melson (Sep 13)
RE: Second Snort instance killing performance Paul Melson (Sep 08)
RE: OBSD / PROMISCUOUS Paul Melson (Sep 19)
RE: Second Snort instance killing performance Paul Melson (Sep 12)
RE: (no subject) Paul Melson (Sep 02)
RE: postscan Paul Melson (Sep 15)
RE: Logs in Messages Paul Melson (Jul 11)
Second Snort instance killing performance Paul Melson (Sep 07)
RE: Second Snort instance killing performance Paul Melson (Sep 08)
RE: postscan Paul Melson (Sep 15)
RE: [Snort-Users] Snort 2.4.1 Available Paul Melson (Sep 19)
RE: Re: Snort-users digest, Vol 1 #5192 - 5 msgs Paul Melson (Jul 14)

Paul Schmehl

RE: Quick Barnyard question... Paul Schmehl (Aug 15)
Re: Quick Barnyard question... Paul Schmehl (Aug 11)
RE: Appliances using free software Paul Schmehl (Aug 11)
Re: Quick Barnyard question... Paul Schmehl (Aug 11)
Re: attention....please...i really need your help.. Paul Schmehl (Sep 19)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 Paul Schmehl (Aug 20)
Re: MYSQL 4.0 root login attempt Paul Schmehl (Aug 16)
Re: please help me....!!!!!! Paul Schmehl (Sep 19)
RE: MYSQL 4.0 root login attempt Paul Schmehl (Aug 16)
Re: Old unified log files Paul Schmehl (Jul 15)
Re: ACID and sid-msg.map file Paul Schmehl (Jul 15)
Re: Quick Barnyard question... Paul Schmehl (Aug 11)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 Paul Schmehl (Sep 19)
Re: Re: Snort-users digest, Vol 1 #5192 - 5 msgs Paul Schmehl (Jul 13)
Re: Dumb BASE question Paul Schmehl (Sep 20)
Re: Quick Barnyard question... Paul Schmehl (Aug 11)
Re: Problem with barnyard 0.2.0 and snort 2.4.0 Paul Schmehl (Aug 20)

Peggy Kam

maximum length for msg? Peggy Kam (Sep 15)

Pennell, Ronald B.

Snort Rules & Variables Pennell, Ronald B. (Jul 07)

Peter Moody

Re: Where is SPADE ? Peter Moody (Aug 29)

Phil Wood

Re: [Snort-devel] OT-ish: libpcap apps on x86_64 Phil Wood (Jul 26)

Pigeon

Is snort an over kill just for apache? Pigeon (Aug 23)

Plantier, Spencer

gui Plantier, Spencer (Jul 18)

psitton

bare byte unicode encoding psitton (Aug 18)

pureone

snort+mysql+problems pureone (Aug 11)

purplebag

Re: Snort DoS Fallacies purplebag (Sep 13)

Rich Adamson

Re: syslog facility Rich Adamson (Jul 14)
RE: Snort 2.4.1 Available Rich Adamson (Sep 18)
Re: Old Snort binaries for Windows Rich Adamson (Sep 12)
Re: Alert on new IP in use? Rich Adamson (Aug 01)
Bleeding-Edge Virus 2001268 false positive (SWEN.A) Rich Adamson (Jul 05)
Alert on new IP in use? Rich Adamson (Aug 01)
Re: Can a win2k pcap 1 interface have multiple sniff apps.......... Rich Adamson (Jul 13)
Net minus one address? Rich Adamson (Aug 01)
Re: windows 2k single pc with multiple snort interface with portscan log ? Rich Adamson (Jul 08)

Richard Bejtlich

Re: [Snort-Users] Snort 2.4.1 Available Richard Bejtlich (Sep 18)
Re: [Snort-Users] Snort 2.4.1 Available Richard Bejtlich (Sep 18)
Re: A question about taps Richard Bejtlich (Sep 16)
Re: ids-load-balancing-HOWTO Richard Bejtlich (Jul 28)
RE: Snort performance concerns Richard Bejtlich (Sep 30)
Re: [Snort-Users] Snort 2.4.1 Available Richard Bejtlich (Sep 18)

Richard Brown

Exploit VQserver admin alert - need 9090 access Richard Brown (Jul 25)

Richard Harman

waldogps - monitor multiple copies of barnyard running against multiple databases Richard Harman (Jul 09)
Re: Re: Snort-users digest, Vol 1 #5257 - 7 msgs Richard Harman (Aug 31)

Rob Ristroph

can't get snort (patched for snortsam) to trigger on a test rule Rob Ristroph (Aug 23)

Roland Turner (SourceForge)

Re: unified format Roland Turner (SourceForge) (Aug 19)
Re: Re[2]: unified format Roland Turner (SourceForge) (Aug 19)
Re: Re[4]: unified format Roland Turner (SourceForge) (Aug 19)

Ron

Re: Snort on Multiple Interfaces Ron (Jul 22)
Re: [ANNOUNCE] WinPcap 3.1 has been released - FAILS with SNORT - READ... Ron (Aug 06)
Snort on Multiple Interfaces Ron (Jul 21)

Ron Jenkins

postscan Ron Jenkins (Sep 15)
RE: ACID/BASE vs PRELUDE Ron Jenkins (Sep 19)
RE: Geez Ron Jenkins (Sep 17)
RE: Snort 2.4.1 Available Ron Jenkins (Sep 17)
RE: [Snort-Users] Snort 2.4.1 Available Ron Jenkins (Sep 18)
SSH and telnet Login Attempt Rules Ron Jenkins (Sep 27)
PPTP and Cisco IPSEC Ron Jenkins (Sep 13)
Snort v2.3.4 Ron Jenkins (Jul 26)
Snort-devel] Re: Snort DoS Fallacies Ron Jenkins (Sep 14)
RE: [Snort-Users] Snort 2.4.1 Available Ron Jenkins (Sep 18)
RE: Duplicate SIDs recently? Ron Jenkins (Sep 25)
RE: SSH and telnet Login Attempt Rules Ron Jenkins (Sep 27)
Snort-devel] Re: Snort DoS Fallacies Ron Jenkins (Sep 14)
Rules not Triggering after Snort v2.4.1 Ron Jenkins (Sep 21)
(snort_decoder) WARNING: IP dgm len < IP Hdr len! Ron Jenkins (Sep 19)

Ruiyuan Jiang

Snort InLine Mode Ruiyuan Jiang (Aug 09)

Russ Starr

Re: Get/wget sigs? Russ Starr (Sep 27)
Re: Alerts generated by hosts on which snort is runnung Russ Starr (Sep 14)
Re: how to configure snort with vlan Russ Starr (Sep 20)
Re: uricontent error Russ Starr (Sep 14)

Sabbiolina

BandWidth question Sabbiolina (Aug 09)

Sam Evans

Re: Snort 2.4 Released! Sam Evans (Jul 28)

Sam Przyswa

Anti SpyWare Sam Przyswa (Aug 22)
Re: Anti SpyWare Sam Przyswa (Aug 23)

Sandro Poppi

Snort IDMEF Plugin 2.0.0alpha2 released for Snort 2.4.0 Sandro Poppi (Jul 30)

Scott Dexter

Re: Snort 2.4 port for FreeBSD Scott Dexter (Sep 23)

Sean Kiewiet

OBSD / PROMISCUOUS Sean Kiewiet (Sep 19)
Duplicate classification Sean Kiewiet (Sep 21)

Sean Robinson

Re: Snort-users digest, Vol 1 #5306 - 11 msgs (Auto-Reply) Sean Robinson (Sep 28)
Re: Snort-users digest, Vol 1 #5254 - 9 msgs (Automated reply) Sean Robinson (Aug 29)

securehell

Old Snort binaries for Windows securehell (Sep 12)

sekure

Snort exit status sekure (Sep 30)
perfstats.c sekure (Sep 19)
perfmon-graph sekure (Sep 16)
Re: [Snort-sigs] Bad escape sequence? sekure (Sep 30)
Re: Snort performance concerns sekure (Sep 30)
Re: Tapping into the ring buffer sekure (Aug 22)
Tapping into the ring buffer sekure (Aug 19)
Bad escape sequence? sekure (Sep 30)

Shaun Gray

UNSUBSCRIBE Shaun Gray (Jul 13)

Simon Yip

snort variable to specify 2 networks and exclude one IP inside the network - How? Simon Yip (Jul 08)
Re: Snort-users digest, Vol 1 #5192 - 5 msgs Simon Yip (Jul 13)
Variable to specify 2 networks and exclude 1 host - How? Simon Yip (Jul 14)

si wood

Problem! Install HenWen, now LetterStick wont launch si wood (Sep 24)

SN ORT

Re: Snort + ISS Console SN ORT (Aug 11)
RE: Get/wget sigs? SN ORT (Sep 27)
Get/wget sigs? SN ORT (Sep 27)
RE: Get/wget sigs? SN ORT (Sep 27)

snort

ACID and Snort rules snort (Sep 19)

snort guy

preprocessor http_inspect_server destroying traffic snort guy (Jul 14)

snort sara

what is snort sara (Aug 09)
IPS snort sara (Jul 26)
Re: Second Snort instance killing performance snort sara (Sep 12)
testing snorts snort sara (Sep 12)
Alerts snort sara (Jul 27)

snort user

Re: (snort_decoder) WARNING: IP dgm len < IP Hdr len! snort user (Sep 19)

Someone.you dont.like

Barnyard not Updating MySQL Someone.you dont.like (Aug 28)
Re: Barnyard not Updating MySQL Someone.you dont.like (Aug 28)

Sp0ng3 B0b

Problem with permissions when snort ran as user "snort" Sp0ng3 B0b (Sep 09)
Re: Problem with permissions when snort ran as user "snort" Sp0ng3 B0b (Sep 09)

SRH-Lists

RE: Old unified log files SRH-Lists (Jul 18)

Srinivas Katta

RE: snort variable to specify 2 networks and exclude one IP inside the network - How? Srinivas Katta (Jul 08)
RE: snort variable to specify 2 networks and exclude one IP inside the network - How? Srinivas Katta (Jul 08)

Stephen Nesman

Re: how to further diagnose 'ICMP Destination Unreachable' problem? Stephen Nesman (Aug 30)

Steve Brown

Re: Image_Graph Quick Question Steve Brown (Sep 14)
Re: BASE vs. ACID Quick Question Steve Brown (Aug 25)

Steven Sturges

RE: Re: [Snort-users] Snort DoS Fallacies Steven Sturges (Sep 19)
RE: Re: [Snort-users] Snort DoS Fallacies Steven Sturges (Sep 19)
RE: Re: [Snort-users] Snort DoS Fallacies Steven Sturges (Sep 19)
RE: Re: [Snort-users] Bug(?): mysql reserved name usage Steven Sturges (Sep 23)
RE: Re: [Snort-users] Snort DoS Fallacies Steven Sturges (Sep 19)

Stevo

Re: Problems with MySQL & Snort Stevo (Aug 02)
Problems with MySQL & Snort Stevo (Aug 02)

Szymon Miotk

Re: Second Snort instance killing performance Szymon Miotk (Sep 08)

T.C.

(no subject) T.C. (Sep 02)
Re: not load snort rules when I use -D option T.C. (Sep 05)

Ted Kaczmarek

Re: A question about taps Ted Kaczmarek (Sep 16)

Ted Rohling

RE: [Snort-Users] Snort 2.4.1 Available Ted Rohling (Sep 18)

Teva AVRIL

UNSUSCRIBE Teva AVRIL (Jul 17)

The Frumious Robber of Zork

Re: Snort Beer Question The Frumious Robber of Zork (Sep 26)

Theodore Stout

Re: Snort Beer Question Theodore Stout (Sep 23)
Snort Beer Question Theodore Stout (Sep 23)
RE: IPS Theodore Stout (Jul 26)
Re: Snort Beer Question Theodore Stout (Sep 23)
Re: [Snort-Users] Snort 2.4.1 Available Theodore Stout (Sep 18)

tmp

Wrong setup? tmp (Sep 19)

tommy garsia

Snort rules for Jolt tommy garsia (Aug 02)

Tracey Jackson

Install guide help-- for Snort, Apache, SSL, PHP, and BASE install on Red hat WS 3 Tracey Jackson (Aug 11)
I am looking for a guide for this --Snort, Apache, SSL, PHP, and BASE install on Red hat WS 3 Tracey Jackson (Aug 11)
RE: Install guide help-- for Snort, Apache, SSL, PHP, and BASE install on Red hat WS 3 Tracey Jackson (Aug 11)

Troy Solo

Re: New virus zotob signature Troy Solo (Aug 16)

T Samp.

RE: Almost there! Complaining about no MySQL support after recompiling with --with-mysql T Samp. (Aug 25)
sfPortscan IP list ? T Samp. (Aug 31)
RE: sfPortscan IP list ? T Samp. (Sep 02)
RE: New to snort T Samp. (Aug 26)
RE: sfPortscan IP list ? T Samp. (Aug 31)

Turnquist,Wayne

windows 2k single pc with multiple snort interface with portscan log ? Turnquist,Wayne (Jul 08)
windows platform, looking for easy cisco ACL mang solution Turnquist,Wayne (Jul 31)
RE: windows 2k interface cmd in conf Turnquist,Wayne (Jul 07)
RE: windows 2k interface cmd in conf Turnquist,Wayne (Jul 08)
RE: windows 2k interface cmd in conf Turnquist,Wayne (Jul 07)
windows 2k interface cmd in conf Turnquist,Wayne (Jul 06)
Can a win2k pcap 1 interface have multiple sniff apps.......... Turnquist,Wayne (Jul 13)

vikrant

Re: How to test snort inline vikrant (Sep 30)
How to test snort inline vikrant (Sep 29)

Vinay AR

Where is SPADE ? Vinay AR (Aug 29)
Is SPADE already present in Snort 2.4 Vinay AR (Aug 29)
Snort 2.4 and Spade Patch 2.3.2 Vinay AR (Aug 29)
Is SPADE already present in Snort 2.4 Vinay AR (Aug 29)

Walt Rich

PIM - Multicasts Walt Rich (Aug 23)
New Snort 2.2 Rules Walt Rich (Sep 14)

Wayne Ho

snort died for no reason Wayne Ho (Sep 07)
Map Bleeding snort signature name in ACID/BASE Wayne Ho (Sep 08)

Wes Young

Re: Bug(?): mysql reserved name usage Wes Young (Sep 22)
Re: Alternate to Snortcenter2? Wes Young (Sep 23)

Williams Jon

RE: Alert on new IP in use? Williams Jon (Aug 01)

Will Metcalf

Re: [Snort-Users] Snort 2.4.1 Available Will Metcalf (Sep 18)
Re: SYN Proxy Will Metcalf (Jul 19)
Re: Snort 2.4.2 with ClamAV Will Metcalf (Sep 29)
Re: I am looking for a guide for this --Snort, Apache, SSL, PHP, and BASE install on Red hat WS 3 Will Metcalf (Aug 11)
Re: Snort InLine Mode Will Metcalf (Aug 09)
Re: Anti SpyWare Will Metcalf (Aug 22)
Re: snort inline Will Metcalf (Aug 24)
Re: Version 2.3.1 (Build 11) '''' By Martin Roesch & The Snort Team: http://www.snort.org/team.html (C) Copyright 1998-2004 Sourcefire Inc., et al. Received error message 16 Will Metcalf (Aug 21)
Re: snort deployment Will Metcalf (Aug 30)
Re: snort_inline problem Will Metcalf (Sep 27)
Re: Snort-Inline, IPTables and Performance Will Metcalf (Aug 25)
Re: preprocessor http_inspect_server destroying traffic Will Metcalf (Jul 14)
Re: Can't compile snort inline on FC3 Will Metcalf (Aug 19)
Re: IPS Will Metcalf (Jul 26)

Willy, Andrew

RE: Undocumented SIDs Willy, Andrew (Jul 21)
RE: Looking for Minimum System Requirments for BASE with SQL Willy, Andrew (Jul 08)
RE: (snort_decoder): Short UDP packet, length field > payload leng Willy, Andrew (Jul 14)
RE: BandWidth question Willy, Andrew (Aug 09)
RE: Var Home_Net and NIC talk prob Willy, Andrew (Aug 17)
RE: Snort & ACID Willy, Andrew (Aug 15)
Undocumented SIDs Willy, Andrew (Jul 21)
RE: snort for dummies ? Willy, Andrew (Aug 15)
RE: Undocumented SIDs Willy, Andrew (Jul 21)
RE: (snort_decoder): Short UDP packet, length field > payload length Willy, Andrew (Jul 14)
RE: Undocumented SIDs Willy, Andrew (Jul 21)

Wolf, Brian

Snort 2.4.0 self-test mode Wolf, Brian (Aug 22)

Xavier Cabrera

Logs in Messages Xavier Cabrera (Jul 05)
Re: SYN Proxy Xavier Cabrera (Jul 20)
Re: SYN Proxy Xavier Cabrera (Jul 19)
Re: Bleeding-Edge Virus 2001268 false positive (SWEN.A) Xavier Cabrera (Jul 05)
SYN Proxy Xavier Cabrera (Jul 19)
Re: (no subject) Xavier Cabrera (Aug 01)

Zultan

Snort -T and -K in 2.4.1 Zultan (Sep 17)
Re: Double logging in alert_fast - Problem solved Zultan (Sep 18)
Double logging in alert_fast Zultan (Sep 15)

Zultan

Re: Possible Evasion in Snort Multi Pattern Algorithm Zultan (Jul 13)

Previous period

Next period