Snort mailing list archives
Re: How to search for SID?
From: "Rodrigo Montoro(Sp0oKeR)" <spooker () gmail com>
Date: Fri, 16 Apr 2010 10:47:44 -0300
Try this http://www.snort.org/search Regards, On Fri, Apr 16, 2010 at 12:21 AM, Chong Lee Poh <Chong.LeePoh () allianz com my> wrote:
Hi,
My Snort report tool (SnortALog) generated info such as "WEB-MISC SSLv3
invalid data version attempt {tcp}", without showing the SID.
I do not have the SID, but I would like to find out if this alert
relevant to me. Is there a web site that I can key in the alert to look
for SID or explanation of the alert?
I use "http://www.snortid.com/"; to look for description when I have the
SID. However, for alert without SID, where can I obtain further
information?
Please assist!! Many thanks in advance.
Regards,
Chong
This e-mail and any attachments therewith are intended only for the use of the address. This e-mail may contain
confidential and privileged information. Any unauthorized use, copying or disclosure of information contained in
this e-mail or its attachments is strictly prohibited and may be unlawful. If you have received this e-mail in error,
please contact the sender via return e-mail and delete this e-mail and attachments thereafter. Any confidentiality or
privilege is not waived or lost because this e-mail has been sent to you by mistake. Any liability for viruses is
excluded to the fullest extent permitted by law.
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
-- Rodrigo Montoro (Sp0oKeR) http://www.spooker.com.br http://www.twitter.com/spookerlabs http://www.linkedin.com/in/spooker ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs
Current thread:
- Re: Sourcefire VRT Certified Snort Rules Update 2010-04-13, (continued)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-04-13 Nigel Houghton (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Nigel Houghton (Apr 14)
- Re: Sourcefire VRT Certified Snort RulesUpdate2010-04-13 evilghost () packetmail net (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Jeff Nathan (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Jeff Nathan (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- Message not available
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)
- How to search for SID? Chong Lee Poh (Apr 15)
- Re: How to search for SID? Rodrigo Montoro(Sp0oKeR) (Apr 16)
- Re: How to search for SID? Joel Esler (Apr 16)
- SSLv2 alerts Chong Lee Poh (Jun 02)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 Nigel Houghton (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 chris . kniseley (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 infosec posts (Apr 14)
- Re: Sourcefire VRT Certified Snort Rules Update2010-04-13 evilghost () packetmail net (Apr 14)