Snort: by date

567 messages starting Mar 31 15 and ending Jun 30 15

Tuesday, 31 March

Fw: Snort Malicious Traffic Redirection to other IP mehrdad hajizadeh

Wednesday, 01 April

Re: Fw: Snort Malicious Traffic Redirection to other IP Al Lewis (allewi)
Snort inline IPS NFQ iptables subscription sites
Re: Getting alerts for every file Snort detects and File Services preprocessor Pablo Cantos Polaino
Re: Getting alerts for every file Snort detects and File Services preprocessor Victor Roemer
Re: Snort inline IPS NFQ iptables James Lay

Thursday, 02 April

Snort Install Leon Vergottini
Re: Getting alerts for every file Snort detects and File Services preprocessor Pablo Cantos Polaino
Re: Snort Install Al Lewis (allewi)
Re: Fw: Snort Malicious Traffic Redirection to other IP mehrdad hajizadeh
Re: Snort Install Leon Vergottini
Sourcefire VRT Certified Snort Rules Update 2015-04-02 Research
Re: Snort Install Al Lewis (allewi)
Design and Hardware. Binde Dig

Friday, 03 April

Re: Design and Hardware. Al Lewis (allewi)
Unknown ClassType: sdf Andrew Shagayev

Saturday, 04 April

Re: Unknown ClassType: sdf Al Lewis (allewi)

Monday, 06 April

Re: snort.stats key-value mapping Juan Jesus Prieto

Tuesday, 07 April

Re: Getting alerts for every file Snort detects and File Services preprocessor Pablo Cantos Polaino
Reg: Snort Rule for HTTP traffic Ravi Menon
Re: Reg: Snort Rule for HTTP traffic Al Lewis (allewi)
Sourcefire VRT Certified Snort Rules Update 2015-04-07 Research
Re: Reg: Snort Rule for HTTP traffic Ravi Menon

Wednesday, 08 April

Stream5/6 marking RST as invalid when it shouldn't? Mike Cox
[HITB-Announce] HITB GSEC 2015 Singapore - Call for Papers Hafez Kamal
Re: Getting alerts for every file Snort detects and File Services preprocessor Victor Roemer
PulledPork v0.7.0 no honoring proxy Jacobi, Michael W CIV NSWCCD Philadelphia, 10432
Re: [HITB-Announce] HITB GSEC 2015 Singapore - Call for Papers Teo En Ming (Zhang Enming)

Thursday, 09 April

Re: Getting alerts for every file Snort detects and File Services preprocessor Pablo Cantos Polaino
Re: snort.stats key-value mapping Karolis
Sourcefire VRT Certified Snort Rules Update 2015-04-09 Research
Negation of appid keywords Jeff Hammett

Friday, 10 April

threshold.conf - event_filter dificulties. Jean-Pierre Zurbrügg
Snort as IPS and correlation Daniel Lopez
Re: Snort as IPS and correlation lists () packetmail net
Re: Snort as IPS and correlation James Lay
Possible memory leaks in Snort-3.0.0-a1 (144/145) found... Bill Parker
Re: Snort as IPS and correlation stephane.nasdrovisky
Re: threshold.conf - event_filter dificulties. James Lay
Re: threshold.conf - event_filter dificulties. James Lay
Re: threshold.conf - event_filter dificulties. Y M

Monday, 13 April

Re: snort.stats key-value mapping Juan Jesus Prieto
Re: Possible memory leaks in Snort-3.0.0-a1 (144/145) found... Russ
Lack of sanity checks and possible memory leak in 2.9.7.x Bill Parker
Re: snort.stats key-value mapping (Solved) Karolis
Post-Detection keyword [logto] not working Emiliano Fausto
Re: Post-Detection keyword [logto] not working James Lay
Re: Post-Detection keyword [logto] not working Emiliano Fausto

Tuesday, 14 April

Re: snort.stats key-value mapping (Solved) Juan Jesus Prieto
Re: snort.stats key-value mapping (Solved) Karolis
Re: Post-Detection keyword [logto] not working James Lay
Re: snort.stats key-value mapping (Solved) Juan Jesus Prieto
Re: threshold.conf - event_filter dificulties. Jean-Pierre Zurbrügg
Snort 2.9.7.2 and barnyard2 1.13 on RHEL via RPM Tomas Hajek
Re: Snort 2.9.7.2 and barnyard2 1.13 on RHEL via RPM Tawanda Purazi

Wednesday, 15 April

CVE 2015-3034 GAM Intelligence
questions about snort behavior May Smith
Re: Snort 2.9.7.2 and barnyard2 1.13 on RHEL via RPM Tomas Hajek
Re: questions about snort behavior Tomas Hajek
Re: questions about snort behavior Al Lewis (allewi)
Sourcefire VRT Certified Snort Rules Update 2015-04-14 Research
tag:host Xin, Qiao
Re: tag:host Al Lewis (allewi)
IDS or IPS Marcio Guerreiro
Re: tag:host Xin, Qiao
Re: IDS or IPS Al Lewis (allewi)
Re: tag:host Al Lewis (allewi)

Thursday, 16 April

PulledPork error 400 when fetching ruleset Throw Away
Re: Getting alerts for every file Snort detects and File Services preprocessor Pablo Cantos Polaino
Compromised vBulletin sig James Lay
Re: Post-Detection keyword [logto] not working Emiliano Fausto
Sourcefire VRT Certified Snort Rules Update 2015-04-16 Research
Re: Post-Detection keyword [logto] not working Al Lewis (allewi)
Determination of ssl_state Shin Mura

Friday, 17 April

Re: PulledPork error 400 when fetching ruleset James Lay
Snort not alerting although tcpdump shows packet Gaurav Srivastava
Snort++: Inline Mode Sancho Panza
Re: Snort not alerting although tcpdump shows packet Kumarswamy H N (kumhn)
Re: Post-Detection keyword [logto] not working Emiliano Fausto
Re: Snort not alerting although tcpdump shows packet Al Lewis (allewi)
KrakenHTTP botnet sig James Lay
Re: Snort++: Inline Mode Russ
Re: Hosts Attribute exception/override? Jefferson, Shawn
Re: Hosts Attribute exception/override? Joel Esler (jesler)

Saturday, 18 April

Re: unified2 extra data - howto Michal Keníž
Re: unified2 extra data - howto Pablo Cantos Polaino

Monday, 20 April

Re: Super slow inline performance of snort 2.9.6.0 N0de
Re: Super slow inline performance of snort 2.9.6.0 Joel Esler (jesler)

Tuesday, 21 April

ipcop Justin Dodd
Re: ipcop Sree Raj
How to enable multi-thread processing with Snort3? Li, Ricky
Re: How to enable multi-thread processing with Snort3? Russ
Re: How to enable multi-thread processing with Snort3? Li, Ricky
Re: How to enable multi-thread processing with Snort3? Russ
Re: How to enable multi-thread processing with Snort3? Li, Ricky
Sourcefire VRT Certified Snort Rules Update 2015-04-21 Research
PulledPork 0.7.1 hangs Michael Steele
Re: PulledPork 0.7.1 hangs Shirkdog
Re: ipcop Justin Dodd
Re: ipcop Sree Raj

Wednesday, 22 April

[repost] Super slow performance of snort 2.9.6.0 in inline mode N0de
Super slow inline performance of snort 2.9.6.0 N0de
Re: Super slow inline performance of snort 2.9.6.0 Al Lewis (allewi)
c0c0n 2015 | The cy0ps c0n - Call For Papers & Call For Workshops c0c0n International Information Security Conference

Thursday, 23 April

ARPspoof preprocessor, barnyard, & BASE Michael B
Ensuring all pulledpork issues are documented (migration from google-code) Shirkdog
Re: Ensuring all pulledpork issues are documented (migration from google-code) James Lay
Re: ipcop waldo kitty
Sourcefire VRT Certified Snort Rules Update 2015-04-23 Research

Friday, 24 April

Snort inline with Squid Robert Lasota
Re: Snort inline with Squid James Lay
Odp: Re: Snort inline with Squid Robert Lasota
Re: Snort inline with Squid James Lay
Magento CVE-2015-1397, CVE-2015-1398, CVE-2015-1399 Sig James Lay
Quantum Insert detection for Snort James Lay
problem with snortsam patch Daniel Lopez
Re: problem with snortsam patch lists () packetmail net
Re: problem with snortsam patch Al Lewis (allewi)

Saturday, 25 April

Odp: Re: Snort inline with Squid Robert Lasota
Re: Odp: Re: Snort inline with Squid James Lay

Sunday, 26 April

Pulledpork: preprocessors, ips_policy and snort.conf Michael B
Re: ARPspoof preprocessor, barnyard, & BASE Michael B
Re: Pulledpork: preprocessors, ips_policy and snort.conf Y M
FTP rules, different port Michael B
Re: FTP rules, different port Y M
Re: Odp: Re: Snort inline with Squid James Lay

Monday, 27 April

Snort++: Bugs? Sancho Panza
Re: Snort++: Bugs? Russ
Odp: Re: Odp: Re: Snort inline with Squid Robert Lasota
Re: Odp: Re: Odp: Re: Snort inline with Squid James Lay
Odp: Re: Odp: Re: Odp: Re: Snort inline with Squid Robert Lasota
snortsam agent doesn't block ip in external firewall Daniel Lopez
Re: Odp: Re: Odp: Re: Odp: Re: Snort inline with Squid James Lay
Re: False positives on mysql traffic For Sinton
Strange events happening after installing PulledPork Michael Steele
Maximum oversize_dir_length Michael B

Tuesday, 28 April

Re: snortsam agent doesn't block ip in external firewall stephane.nasdrovisky
Re: snortsam agent doesn't block ip in external firewall Al Lewis (allewi)
Re: False positives on mysql traffic Al Lewis (allewi)
Odp: Re: Odp: Re: Odp: Re: Odp: Re: Snort inline with Squid Robert Lasota
Sourcefire VRT Certified Snort Rules Update 2015-04-28 Research
Re: Snort++: Inline Mode Russ
Re: Strange events happening after installing PulledPork Joel Esler (jesler)
Re: False positives on mysql traffic Jacobi, Michael W CIV NSWCCD Philadelphia, 10432
Re: Strange events happening after installing PulledPork Michael Steele
Re: Strange events happening after installing PulledPork Joel Esler (jesler)
Re: False positives on mysql traffic Al Lewis (allewi)

Wednesday, 29 April

Snort++: Specifying more than one daq vars Sancho Panza
(no subject) rohit Kulkarni
Re: Snort++: Specifying more than one daq vars Russ
Re: Snort++: Bugs? Russ
Re: Snort++: Bugs? Sancho Panza

Thursday, 30 April

Snort++ Build 150 Available Now Snort Releases
Snort++ Build 150 Available Now Snort Releases
Error 404 when fetching https://www.snort.org/downloads/registered/snortrules-snapshot-2962.tar.gz.md5 Brian Diehl
Re: Snort++: Bugs? Russ
Re: Error 404 when fetching https://www.snort.org/downloads/registered/snortrules-snapshot-2962.tar.gz.md5 Joel Esler (jesler)
Sourcefire VRT Certified Snort Rules Update 2015-04-30 Research

Friday, 01 May

Mumblehard sig James Lay

Saturday, 02 May

snort inline mode in CentOS 6.6 Abdallah Jabbour
Re: snort inline mode in CentOS 6.6 James Lay

Sunday, 03 May

ModSecurity CRS Parser Big Whale
Trigger anomalies (on LXC container versus host) Chris
README.sfportscan doc update James Lay
Re: Trigger anomalies (on LXC container versus host) Doug Burks
Re: ModSecurity CRS Parser Al Lewis (allewi)
Re: Trigger anomalies (on LXC container versus host) Al Lewis (allewi)
Re: Trigger anomalies (on LXC container versus host) Chris
Re: Trigger anomalies (on LXC container versus host) Chris
Re: Snort-users Digest, Vol 108, Issue 2 Abdallah Jabbour
Re: Snort-users Digest, Vol 108, Issue 2 Abdallah Jabbour
Re: Trigger anomalies (on LXC container versus host) Al Lewis (allewi)
Re: Snort-users Digest, Vol 108, Issue 2 Al Lewis (allewi)
Re: Trigger anomalies (on LXC container versus host) Chris
Re: Trigger anomalies (on LXC container versus host) Al Lewis (allewi)
Re: Trigger anomalies (on LXC container versus host) Al Lewis (allewi)

Monday, 04 May

Re: Trigger anomalies (on LXC container versus host) waldo kitty
Re: KrakenHTTP botnet sig Matt Mickel
Re: Compromised vBulletin sig Matt Mickel
PROTOCOL-DNS DNS query amplification attempt (1:28556) Mustaque
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Al Lewis (allewi)
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Geoffrey Serrao
Re: Snort++: Bugs? Sancho Panza
Re: Snort++: Bugs? Russ
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) rmkml
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) rmkml

Tuesday, 05 May

Re: Trigger anomalies (on LXC container versus host) Chris
Re: Trigger anomalies (on LXC container versus host) Chris
Re: Trigger anomalies (on LXC container versus host) Al Lewis (allewi)
Sourcefire VRT Certified Snort Rules Update 2015-05-05 Research
Parallel running of snort Yogesh C U
Re: Parallel running of snort Al Lewis (allewi)

Wednesday, 06 May

snort as a service Adam Ring
question John Mummery
Re: question Al Lewis (allewi)
Snort Heap Profiling using tcmalloc Akshita Tyagi
Re: question Stephen Gantz

Thursday, 07 May

Building Alert rule May Smith
Updating Snort Rules Offline Johnson, Neil.X, Vodafone Group
Re: Building Alert rule Al Lewis (allewi)
Re: Updating Snort Rules Offline Emiliano Fausto
Problems installing/configuring Snort on Fedora snort_user
File preprocessor and snort daemon Eugenio Perez
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Mustaque Ahmad
Re: Problems installing/configuring Snort on Fedora Joel Esler (jesler)
Re: Building Alert rule Joel Esler (jesler)
Re: Problems installing/configuring Snort on Fedora Michael Brown
Snort Subscriber Rules Update 2015-05-07 Research
Re: Problems installing/configuring Snort on Fedora Michael Brown
Re: Problems installing/configuring Snort on Fedora Joel Esler (jesler)
Re: Problems installing/configuring Snort on Fedora Michael Brown
Fwd: Can we change the documentation for the -c flag please? adrianc
Re: Fwd: Can we change the documentation for the -c flag please? James Lay
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Jamie Riden

Friday, 08 May

Re: Problems installing/configuring Snort on Fedora Y M
Re: Problems installing/configuring Snort on Fedora snort_user
File preprocessor fails to capture files Pablo Cantos Polaino
Re: File preprocessor fails to capture files Hui Cao (huica)
Re: File preprocessor and snort daemon Hui Cao (huica)
Re: File preprocessor fails to capture files Pablo Cantos Polaino
Re: File preprocessor fails to capture files Hui cao
Re: Problems installing/configuring Snort on Fedora Y M
Re: Problems installing/configuring Snort on Fedora Michael Brown
snort inline mode does not capture traffic destined to other machine on the internal network Abdallah Jabbour
Re: snort inline mode does not capture traffic destined to other machine on the internal network Al Lewis (allewi)
Re: snort inline mode does not capture traffic destined to other machine on the internal network Abdallah Jabbour
Re: snort inline mode does not capture traffic destined to other machine on the internal network Abdallah Jabbour
Re: File preprocessor fails to capture files Pablo Cantos Polaino
Re: File preprocessor fails to capture files Hui Cao (huica)
Error with LuaJIT when compiling 2.9.7.x on OS X with OpenAppID Wil Mail
Re: File preprocessor fails to capture files Pablo Cantos Polaino
Re: File preprocessor fails to capture files Hui Cao (huica)

Saturday, 09 May

Re: snort inline mode does not capture traffic destined to other machine on the internal network Gregory W. MacPherson

Sunday, 10 May

Re: snort inline mode does not capture traffic destined to other machine on the internal network Abdallah Jabbour
Re: snort inline mode does not capture traffic destined to other machine on the internal network Abdallah Jabbour

Monday, 11 May

unixsock output plugin for snort Alerts Dilipan Janarthanan (djanarth)
FILE-IDENTIFY FON font file download request (1:20269) Rodgers, Anthony (DTMB)
Re: FILE-IDENTIFY FON font file download request (1:20269) Alex McDonnell
Re: FILE-IDENTIFY FON font file download request (1:20269) Rodgers, Anthony (DTMB)

Tuesday, 12 May

About Snort's configure files tomsun.0.7
Re: Bugs in Packet I/O Totals section elof2
Re: Unable to kill a non-zombie process with -9 elof2
Re: PROTOCOL-DNS DNS query amplification attempt (1:28556) Mustaque
/var/log/messages filling up test engineer
Snort Subscriber Rules Update 2015-05-12 Research

Wednesday, 13 May

Re: unixsock output plugin for snort Alerts Dilipan Janarthanan (djanarth)
SNORT DNS TUNNELING emmanuel
[PATCH] useradd -r in snort.spec Filippo Carletti
Re: unixsock output plugin for snort Alerts Carter Waxman (cwaxman)
SSL Initiation Rule Steven Tonge
Re: SNORT DNS TUNNELING Joel Esler (jesler)

Thursday, 14 May

Re: SNORT DNS TUNNELING emmanuel
Re: unixsock output plugin for snort Alerts Dilipan Janarthanan (djanarth)
Re: Magento CVE-2015-1397, CVE-2015-1398, CVE-2015-1399 Sig Matt Mickel
Snort Subscriber Rules Update 2015-05-14 Research
snort snort don't recognize plugin sid set by me Daniel Lopez

Friday, 15 May

Segregating drop alerts Anshuman Anil Deshmukh
Re: File preprocessor fails to capture files Pablo Cantos Polaino
Re: snort snort don't recognize plugin sid set by me Y M
Re: SSL Initiation Rule Y M
Re: File preprocessor fails to capture files Russ
Snort++: snort2lua bug Sancho Panza
ssp_ssl: Invalid Client HELLO after Server HELLO Detected Maurizio

Saturday, 16 May

Re: ssp_ssl: Invalid Client HELLO after Server HELLO Detected Al Lewis (allewi)
Re: File preprocessor fails to capture files Pablo Cantos Polaino

Sunday, 17 May

Re: File preprocessor fails to capture files Russ

Monday, 18 May

Re: /var/log/messages filling up Cynthia Leonard (cyleonar)
Re: File preprocessor fails to capture files Pablo Cantos Polaino
Barnyard2, Syslog and formatting. Miller, Mike
Re: /var/log/messages filling up test engineer
WARNING: No preprocessors configured for policy 0 Michael Steele
Re: Barnyard2, Syslog and formatting. James Lay

Tuesday, 19 May

Re: /var/log/messages filling up Cynthia Leonard (cyleonar)
Snort Subscriber Rules Update 2015-05-19 Research
Snort 2.9.7.3 Now Available Snort Releases
Snort 2.9.7.3 Now Available Snort Releases

Wednesday, 20 May

Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Pratik Narang
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps waldo kitty
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Pratik Narang
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Al Lewis (allewi)
Security Consultant in CA Mustafa Qasim
RPM Build Failure for Snort 2.9.7.3-1 from source RPM Tomas Hajek
PoC for Tracking Canada Bank Swift Codes Bill Parker
Re: Security Consultant in CA waldo kitty
Re: Snort-users Digest, Vol 108, Issue 36 Miller, Mike
Minor error in PoC for Canada Swift Transaction Codes Bill Parker
Re: RPM Build Failure for Snort 2.9.7.3-1 from source RPM (Tomas Hajek) Joel Cornett (jocornet)
Re: Snort-users Digest, Vol 108, Issue 36 waldo kitty
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Pratik Narang

Thursday, 21 May

Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Al Lewis (allewi)
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Pratik Narang
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Al Lewis (allewi)
File preprocessor: suspected bug found and solved Pablo Cantos Polaino
Dridex/Kryptik Pascal Library X-Mailer sig James Lay
Snort Subscriber Rules Update 2015-05-21 Research
Config parsing issue with a poor config section Daniel Einspanjer

Friday, 22 May

Re: Segregating drop alerts Anshuman Anil Deshmukh
Re: Segregating drop alerts Glenn Forbes Fleming Larratt
Re: Segregating drop alerts Anshuman Anil Deshmukh
Rules division, divide, split Robert Lasota
Improved strncpy for Snort... Bill Parker
Re: Rules division, divide, split Joel Esler (jesler)
Re: File preprocessor: suspected bug found and solved Hui Cao (huica)
Re: Segregating drop alerts Glenn Forbes Fleming Larratt
Odp: Re: Rules division, divide, split Robert Lasota
Odp: Odp: Re: Odp: Re: Odp: Re: Odp: Re: Snort inline with Squid Robert Lasota
Error 422 with snortrules-snapshot-2972.tar.gz Scott Link
Re: Error 422 with snortrules-snapshot-2972.tar.gz Shirkdog
Re: Error 422 with snortrules-snapshot-2972.tar.gz Joel Esler (jesler)

Sunday, 24 May

payload to craft rules Marcio Guerreiro

Monday, 25 May

Re: File preprocessor: suspected bug found and solved Pablo Cantos Polaino
Re: Config parsing issue with a poor config section Rahul Burman (rahburma)
[HITB-Announce] REMINDER: Call for Papers for HITB GSEC Hafez Kamal
Inconsistent use of memset() in snort<nnnn>/src/sfutil/acsmx2.c & ascmx.c Bill Parker
File Preprocessor: Features developed (ExtraData fields in events and S3 storage) Pablo Cantos Polaino
Re: Snort 2.9.7.2 throws ERROR: Cannot decode data link type 113 while reading pcaps Pratik Narang
Snort Rules Enquiry Diego Batigoal
Re: Segregating drop alerts Anshuman Anil Deshmukh
Re: Snort Rules Enquiry Jamie Riden
Re: Inconsistent use of memset() in snort<nnnn>/src/sfutil/acsmx2.c & ascmx.c Cynthia Leonard (cyleonar)
Re: Minor error in PoC for Canada Swift Transaction Codes Cynthia Leonard (cyleonar)

Tuesday, 26 May

Re: Segregating drop alerts Anshuman Anil Deshmukh
Rule sets omitted from default snort.conf in 2.9.7.3 Michael Steele
Re: Segregating drop alerts Rodgers, Anthony (DTMB)
Re: Segregating drop alerts Glenn Forbes Fleming Larratt
Rules managing Robert Lasota
Re: Segregating drop alerts Anshuman Anil Deshmukh
Re: Dridex/Kryptik Pascal Library X-Mailer sig Matthew Mickel
Re: Rules managing Y M
u2 binary format question Avery Rozar
Re: Rule sets omitted from default snort.conf in 2.9.7.3 waldo kitty
Re: Segregating drop alerts waldo kitty
Re: Segregating drop alerts Anshuman Anil Deshmukh
Re: Rules division, divide, split Joel Esler (jesler)
Snort Subscriber Rules Update 2015-05-26 Research
Re: Segregating drop alerts Joel Esler (jesler)
Re: Segregating drop alerts Joel Esler (jesler)
Re: Rule sets omitted from default snort.conf in 2.9.7.3 Joel Esler (jesler)
Re: Snort Rules Enquiry Joel Esler (jesler)
Re: Snort Rules Enquiry waldo kitty
Re: Segregating drop alerts waldo kitty
Re: Snort Rules Enquiry Joel Esler (jesler)
Re: Rule sets omitted from default snort.conf in 2.9.7.3 Michael Steele

Wednesday, 27 May

about rules commented jihene ksiksi
Re: Segregating drop alerts [RESOLVED] Anshuman Anil Deshmukh
Re: Bugs in Packet I/O Totals section elof
Re: Error with LuaJIT when compiling 2.9.7.x on OS X with OpenAppID Wil Mail
Re: preprocessor stream5_global prune_log_max 0 elof
Re: Bugs in Packet I/O Totals section Carter Waxman (cwaxman)
Re: Bugs in Packet I/O Totals section elof
Snort -T additional output Bill Parker
Re: Snort -T additional output Russ
Re: Segregating drop alerts [RESOLVED] Anshuman Anil Deshmukh
Re: about rules commented Joel Esler (jesler)
Re: preprocessor stream5_global prune_log_max 0 Victor Roemer
Forbidden filipe.palma () scms pt
Re: u2 binary format question Victor Roemer
Re: u2 binary format question Avery Rozar
Re: about rules commented Diego Batigoal
Re: about rules commented waldo kitty
Re: Forbidden waldo kitty
Re: about rules commented Diego Batigoal
Re: Forbidden Michael Steele

Thursday, 28 May

Re: preprocessor stream5_global prune_log_max 0 elof
Estimating Snort's speed in processing pcaps Pratik Narang
Pulledpork and changing rules in modifysid.conf Robert Lasota
Re: Pulledpork and changing rules in modifysid.conf Y M
Re: Estimating Snort's speed in processing pcaps Y M
Re: Estimating Snort's speed in processing pcaps Pablo Cantos Polaino
Re: Forbidden waldo kitty
Snort Subscriber Rules Update 2015-05-28 Research
Re: Forbidden filipe.palma () scms pt
How to make interface to listen in promiscous mode? Daniel Lopez
Re: Forbidden waldo kitty

Friday, 29 May

PulledPork stopped updating and starts duplicate Robert Lasota
SOLVED: Re: Bugs in Packet I/O Totals section elof
what is the latest IDS management tool ? Marcio Guerreiro
Re: Estimating Snort's speed in processing pcaps Pratik Narang
Re: what is the latest IDS management tool ? Rodgers, Anthony (DTMB)
Problem downloading nor rules Gonçalo Fonseca
Re: Error 422 with snortrules-snapshot-2972.tar.gz Scott Link
Re: Pulledpork and changing rules in modifysid.conf Shirkdog
Re: Problem downloading nor rules Joel Esler (jesler)
Re: Estimating Snort's speed in processing pcaps Pablo Cantos Polaino
Re: Error 422 with snortrules-snapshot-2972.tar.gz Joel Esler (jesler)
Re: about rules commented Joel Esler (jesler)
Re: Error 422 with snortrules-snapshot-2972.tar.gz Scott Link
Odp: PulledPork stopped updating and starts duplicate Robert Lasota
Re: Odp: PulledPork stopped updating and starts duplicate Shirkdog
Re: Forbidden Joel Esler (jesler)
Odp: Re: Odp: PulledPork stopped updating and starts duplicate Robert Lasota
Re: Error with LuaJIT when compiling 2.9.7.x on OS X with OpenAppID Carter Waxman (cwaxman)
Re: Odp: Re: Odp: PulledPork stopped updating and starts duplicate Y M
Re: Rule sets omitted from default snort.conf in 2.9.7.3 Joel Esler (jesler)
Re: PulledPork stopped updating and starts duplicate Joel Esler (jesler)
Re: Error with LuaJIT when compiling 2.9.7.x on OS X with OpenAppID Wil Mail

Saturday, 30 May

Odp: Re: PulledPork stopped updating and starts duplicate Robert Lasota
PulledPork and empty Emerging ruleset Robert Lasota
Re: PulledPork and empty Emerging ruleset Y M
thank you for your answer ??????
Re: thank you for your answer waldo kitty
Odp: Re: PulledPork and empty Emerging ruleset Robert Lasota
Re: Odp: Re: PulledPork and empty Emerging ruleset snort
Odp: Re: Odp: Re: PulledPork and empty Emerging ruleset Robert Lasota
Re: Odp: Re: Odp: Re: PulledPork and empty Emerging ruleset snort

Monday, 01 June

Odp: Re: Odp: Re: Odp: Re: PulledPork and empty Emerging ruleset Robert Lasota
c0c0n 2015 | The cy0ps c0n - CFP & CFW - Extended Deadline: 14 June, 2015 c0c0n International Information Security Conference
Snort Runs But Stops Working Cloherty, Sean E
Re: Odp: Re: Odp: Re: Odp: Re: PulledPork and empty Emerging ruleset waldo kitty
Re: Snort Runs But Stops Working Cynthia Leonard (cyleonar)
Snort++ Build 155 Available Now Snort Releases
Snort++ Build 155 Available Now Snort Releases
Re: Snort Runs But Stops Working Cloherty, Sean E
Re: PulledPork and empty Emerging ruleset Joel Esler (jesler)
Re: thank you for your answer Joel Esler (jesler)
TTL & Byte rate limit Cahit Eyigünlü

Tuesday, 02 June

Odp: Re: PulledPork and empty Emerging ruleset Robert Lasota
Snort Subscriber Rules Update 2015-06-02 Research
Re: TTL & Byte rate limit Al Lewis (allewi)
suppress not working for emerging threats rules Matthew Ritenburg

Wednesday, 03 June

Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Estimating Snort's speed in processing pcaps Pratik Narang
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Hui cao
Re: Forbidden Filipe Palma

Thursday, 04 June

Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Russ
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Snort Runs But Stops Working Carter Waxman (cwaxman)
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Hui Cao (huica)
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Hui Cao (huica)
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Hui Cao (huica)
Snort Subscriber Rules Update 2015-06-04 Research
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Hui cao
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof

Friday, 05 June

Snort Rule generating snort.u2 zero (the use of variables indeed) Marcio Guerreiro
Re: Snort Rule generating snort.u2 zero (the use of variables indeed) Al Lewis (allewi)

Sunday, 07 June

About HTTP INSPECT 강명훈
Re: About HTTP INSPECT Al Lewis (allewi)

Monday, 08 June

Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 elof
Re: Snort Runs But Stops Working Cloherty, Sean E
Re: Error 422 with snortrules-snapshot-2972.tar.gz Joel Esler (jesler)
Re: Error 422 with snortrules-snapshot-2972.tar.gz Scott Link
Should I setup NIC sensor with IP address or without IP address ? Marcio Guerreiro
Re: Should I setup NIC sensor with IP address or without IP address ? Al Lewis (allewi)
Signature Question Community Rules Incera, Matthew
Re: Signature Question Community Rules Alex McDonnell
Fwd: Parse UnixSock output with Perl Script Snort User

Tuesday, 09 June

MALWARE-CNC Win.Trojan.Zeus P2P-proxy C2 Write command (1:26839) Rodgers, Anthony (DTMB)
Re: Signature Question Community Rules jesler
about http_inspection 강명훈
Snort Subscriber Rules Update 2015-06-09 Research
What are "detect", " rule eval" stand for in the profiling result of Snort preprocessor? Ricky Li

Wednesday, 10 June

Re: What are "detect", " rule eval" stand for in the profiling result of Snort preprocessor? Victor Roemer
Snort Subscriber Rules Update 2015-06-10 Research
Add Link-Local Address Network Assignment Block (IPv4) to sf_ip.h in Snort 3/Snort++ Bill Parker
Re: Add Link-Local Address Network Assignment Block (IPv4) to sf_ip.h in Snort 3/Snort++ Russ

Thursday, 11 June

[HITB-Announce] FINAL CALL: HITB GSEC Call for Papers Hafez Kamal
Active Rules & Management Alessandro Sforzin
Re: Active Rules & Management waldo kitty
NICs - GRO and LRO Marcio Guerreiro
Re: NICs - GRO and LRO Xander
Re: Active Rules & Management Xander
Re: Active Rules & Management waldo kitty
Fwd: Parse UnixSock output with Perl Script Véronique B .
Re: Active Rules & Management Xander

Friday, 12 June

output config Laszlo Toth
Re: Bus errors and segmentation faults after upgrade to 2.9.7.3 and daq 2.0.5 Hui Cao (huica)

Saturday, 13 June

how to span traffic to snort Marcio Guerreiro
Re: how to span traffic to snort Marcio Guerreiro

Monday, 15 June

Re: output config Carter Waxman (cwaxman)
possible to tailor the SDF combination alert message, or override with custom rule? Sean
Re: Fwd: Parse UnixSock output with Perl Script Victor Roemer
Re: possible to tailor the SDF combination alert message, or override with custom rule? Al Lewis (allewi)
[Call for help] Help shape the future of machine learning research for IDSs Antonio Augusto Santos

Tuesday, 16 June

Re: output config Laszlo Toth
IDs rule reniykec
Relative to content or byte_jump Praveen D
Re: output config Carter Waxman (cwaxman)
Re: output config Laszlo Toth
Re: IDs rule Joel Esler (jesler)
Re: Snort Runs But Stops Working Carter Waxman (cwaxman)

Wednesday, 17 June

False Snort Alert [119:31:1] triggering katwell80
Re: False Snort Alert [119:31:1] triggering Carter Waxman (cwaxman)
Re: False Snort Alert [119:31:1] triggering katwell80
Re: False Snort Alert [119:31:1] triggering Gaurav Nagare (gnagare)
Dridex sig James Lay
Snort++: how to get multithreading to work? Prude, Terrell (SCC)
Re: Snort++: how to get multithreading to work? Russ
Re: Snort++: how to get multithreading to work? Russ
Re: [Emerging-Sigs] Dridex sig James Lay

Thursday, 18 June

Re: [Emerging-Sigs] Dridex sig Joseph Feather
Snort Subscriber Rules Update 2015-06-16 Research
Rule Checkup Matt Brichetto
Snort Subscriber Rules Update 2015-06-18 Research

Friday, 19 June

Singapore Government Hackers Have Hacked Into Teo En Ming's Computer Again Teo En Ming
Re: Dridex/Kryptik Pascal Library X-Mailer sig Matt Mickel
Using Barnyard2 with Snort Farnsworth, Robert
TCP HEADER (options -> data) Marcio Guerreiro
Re: Using Barnyard2 with Snort James Lay
Re: Using Barnyard2 with Snort Farnsworth, Robert
Re: Using Barnyard2 with Snort James Lay

Saturday, 20 June

PoC Software for Magnetic Stripe Processing of Credit/Debit Cards for Snort SDF Bill Parker

Sunday, 21 June

I want to add NETAD as a preprocessor in snort tushar sharma

Monday, 22 June

Re: Using Barnyard2 with Snort Farnsworth, Robert
Reduce Alerts - Pulledpork Cameron
Are these rules from community.rules redundant? Tyler Smith
Re: Reduce Alerts - Pulledpork waldo kitty
Re: Snort++: how to get multithreading to work? elof
Unable to download Talos registered rules. Certificate problem. samaru zoka
Re: Are these rules from community.rules redundant? Nick Randolph
Re: Unable to download Talos registered rules. Certificate problem. Joel Esler (jesler)
Re: Are these rules from community.rules redundant? Tyler Smith

Tuesday, 23 June

Re: Are these rules from community.rules redundant? Patrick Mullen
Sguil assist James Lay
Re: Sguil assist Y M
Re: Sguil assist James Lay
Re: Sguil assist Rodgers, Anthony (DTMB)
Snort Subscriber Rules Update 2015-06-23 Research
need help syazareen
Re: need help lists () packetmail net

Wednesday, 24 June

Re: Using Barnyard2 with Snort James Lay
Question on the relationship between byte_jump and content options Tyler Smith
Re: need help Joel Esler (jesler)
Re: Question on the relationship between byte_jump and content options Alex McDonnell
Re: Question on the relationship between byte_jump and content options Tyler Smith
Re: Question on the relationship between byte_jump and content options Alex McDonnell
XFF/ExtraData not always logged for drop rules Mike Cox
Log snort input pcap file along with alert Bogdan Harjoc
Re: Log snort input pcap file along with alert Bogdan Harjoc
Snort Subscriber Rules Update 2015-06-24 Research
Flowbits set rule to a noalert Anshuman Anil Deshmukh

Thursday, 25 June

Re: Flowbits set rule to a noalert waldo kitty
Re: XFF/ExtraData not always logged for drop rules Mike Cox
Re: XFF/ExtraData not always logged for drop rules Carter Waxman (cwaxman)
Re: XFF/ExtraData not always logged for drop rules Mike Cox
Re: need help syazareen
Re: need help lists () packetmail net
Rules Ikenna Chiadikaobi

Friday, 26 June

Snort only alerting about IP its running on Rahul Bhonsale
Re: Snort only alerting about IP its running on Al Lewis (allewi)
Re: Snort only alerting about IP its running on Al Lewis (allewi)
Re: Using Barnyard2 with Snort Farnsworth, Robert
Re: Error 422 with snortrules-snapshot-2972.tar.gz Andre DiMino
Re: Error 422 with snortrules-snapshot-2972.tar.gz Y M
Re: Error 422 with snortrules-snapshot-2972.tar.gz Joel Esler (jesler)
Re: Using Barnyard2 with Snort James Lay
Re: Using Barnyard2 with Snort Y M
Re: XFF/ExtraData not always logged for drop rules Mike Cox
Re: Error 422 with snortrules-snapshot-2972.tar.gz Andre DiMino
Re: Error 422 with snortrules-snapshot-2972.tar.gz Joel Esler (jesler)
Re: Using Barnyard2 with Snort James Lay
(no subject) yudhi ardiyanto

Saturday, 27 June

Re: Snort-sigs Digest, Vol 109, Issue 19 syazareen
Re: (no subject) Joel Esler (jesler)
Re: (no subject) Yudhi

Sunday, 28 June

Re: Snort-sigs Digest, Vol 109, Issue 19 Al Lewis (allewi)

Monday, 29 June

Re: Using Barnyard2 with Snort Farnsworth, Robert
Re: (no subject) Joel Esler (jesler)

Tuesday, 30 June

Re: Using Barnyard2 with Snort James Lay
Classify rules by offset and the usage of byte_jump Tommy Lin
Re: Classify rules by offset and the usage of byte_jump Alex McDonnell
about 'WEB-MISC weblogic/tomcat .jsp view source attempt' 강명훈
Snort Subscriber Rules Update 2015-06-30 Research