Snort mailing list archives
Re: Snort only produces Steam5 alerts
From: Jefferson Diego Diede <jeffersondiego8 () gmail com>
Date: Sat, 28 Sep 2013 09:02:48 -0300
Are you using the full ruleset? *Best Regards,* Jefferson *“**Diede”* Diego *Linux System Administrator* Enviado via iPhone Em 27/09/2013, às 17:28, Joe Seanor <joseph.seanor () gmail com> escreveu: I have a new install of snort: ,,_ -*> Snort! <*- o" )~ Version 2.9.3.1 IPv6 GRE (Build 40) '''' By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team Copyright (C) 1998-2012 Sourcefire, Inc., et al. Using libpcap version 1.4.0 Using PCRE version: 8.30 2012-02-04 Using ZLIB version: 1.2.7 And it has run for a full 24 hours, and the only alert (50 of them) that I have is stream5: Reset outside window. I even ran an external Nmap scan, and I received a "Portscan alert" and then everything else showed up as a stream5 alert. What did I miss in my configuration? Joe ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort only produces Steam5 alerts Joe Seanor (Sep 27)
- Message not available
- Message not available
- Re: Snort only produces Steam5 alerts James Lay (Sep 27)
- Message not available
- Message not available
- Re: Snort only produces Steam5 alerts Jefferson Diego Diede (Sep 28)
- Re: Snort only produces Steam5 alerts Joel Esler (Sep 30)