Re: Snort Signature Database

[Stephan Scholz <sscholz () astaro com>]

This alert is not generated by a signature, but rather by a Snort preprocessor.
Details on alerts of preprocessors can be found in the according documentation,
e.g. doc/README.http_inspect

Stephan

Than Yu Jin wrote:
> Hi all,
>
>  
>
> Does anyone know is there any more snort signature database other than
> http://www.snort.org/pub-bin/sigs.cgi
>
> I realize this database does not include all the definition for the
> attack alerts.
>
>  
>
> Eg, (http_inspect) BARE BYTE UNICODE ENCODING
>
>  
>
> Even I receive alerts, but I could not do any action since it is unknown
> classification.
>
>  
>
> It will be good, if the others snort signature database will be same as
> this
>
> http://www.snort.org/pub-bin/sigs.cgi?sid=2649
>
>  
>
> Thank You.....
>
>  
>
> Regards,
>
> Eugene
>
> IT Security, OPUS/IT
>
> 03 - 27306653 (ext: 653)
>
>  
>
> Data Classification:* 2*
> [ 0-Public  1-Internal  2-Confidential (authorization required) 
> 3-Strictly Confidential ]
>
> /This message is intended solely for the addressee. It is confidential
> and may be legally privileged. Access to this message by anyone is
> unauthorized. Unauthorized use is strictly prohibited and may be
> unlawful.  If you are not the intended recipient, any disclosure,
> copying, or distribution of the message, or any action or omission taken
> by you in reliance on it, except for the purpose of the delivery to the
> addressee, is prohibited and may be unlawful. Any confidentiality or
> privilege is not waived or lost because this mail has been sent to by
> mistake./
>
>  
>
> This e-mail and any attachments therewith are intended only for the use
> of the address. This e-mail may contain confidential and privileged
> information. Any unauthorized use, copying or disclosure of information
> contained in this e-mail or its attachments is strictly prohibited and
> may be unlawful. If you have received this e-mail in error, please
> contact the sender via return e-mail and delete this e-mail and
> attachments thereafter. Any confidentiality or privilege is not waived
> or lost because this e-mail has been sent to you by mistake. Any
> liability for viruses is excluded to the fullest extent permitted by law.
>
>  
>
>
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users


-- 

Stephan Scholz

sscholz () astaro com | Development
Astaro AG | www.astaro.com | Phone +49-721-25516-0
Fax +49-721-25516-200
Amalienbadstraße 36 / Bau 33a | 76227 Karlsruhe | Germany

- PC Magazine Best of the Year 2004/2005
- CRN Best of the Year 2005
- SC Magazine "Best Buy" & 5 star rating - October 2005, Best of the Year 2005
- Internet Professionell "Empfehlung der Redaktion" - November 2005


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users