Home page logo
/

1152 messages starting Oct 01 10 and ending Jan 01 11
Date index | Thread index | Author index

Friday, 01 October

so_rule problem Jimmy Tharel
Re: so_rule problem Nigel Houghton
Snort Inline As an IPS Andres Carrera Rivera
Re: so_rule problem waldo kitty
Re: Snort Inline As an IPS Will Metcalf
Re: Snort Inline As an IPS Andres Carrera Rivera
Re: Snort Inline As an IPS Will Metcalf
Re: Snort Inline As an IPS Andres Carrera Rivera
Re: so_rule problem Nigel Houghton
rules update schedule (was: Re: so_rule problem) waldo kitty
Re: rules update schedule (was: Re: so_rule problem) Nigel Houghton
Rule 17494 Jefferson, Shawn
Re: Rule 17494 Tomas Heredia
Re: Rule 17494 Jeff Kell
Re: Rule 17494 Joel Esler
Re: Rule 17494 waldo kitty
Re: Rule 17494 Jefferson, Shawn
Re: Rule 17494 JJC
Re: Rule 17494 waldo kitty
Re: Rule 17494 JJC

Saturday, 02 October

Re: Rule 17494 infosec posts
Re: Rule 17494 Joel Esler

Sunday, 03 October

SnortSam Loss and Re-Creation Frank Knobbe

Monday, 04 October

Snort 2.9.0 Now Available Snort Releases
Snort 2.9.0 Now Available Snort Releases
EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Nigel Houghton
Re: Snort 2.9.0 Now Available waldo kitty
Re: Snort 2.9.0 Now Available Russ Combs
Re: Snort 2.9.0 Now Available Joel Esler
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Mike Lococo
Re: Snort 2.9.0 Now Available Marcos Rodriguez
Re: Snort 2.9.0 Now Available waldo kitty
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Michael Green
Re: Snort 2.9.0 Now Available waldo kitty
Re: Snort 2.9.0 Now Available waldo kitty
Re: Snort 2.9.0 Now Available Eoin Miller

Tuesday, 05 October

Re: Snort 2.9.0 Now Available waldo kitty
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Nigel Houghton
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Nigel Houghton
Re: Snort 2.9.0 Now Available Russ Combs
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Randal T. Rioux
Re: Snort 2.9.0 Now Available waldo kitty
Re: [Snort-users] EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder waldo kitty
Re: Snort 2.9.0 Now Available Alex Tatistcheff
Re: [Snort-users] EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Nigel Houghton
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder waldo kitty
Re: [Snort-sigs] EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder waldo kitty
Re: Snort 2.9.0 Now Available Russ Combs
[PATCH] so_rules/src/Makefile Terry Burton
Snort 2.9.0 DCE RPC error [SOLVED] and more James Lay
Re: Snort 2.9.0 DCE RPC error [SOLVED] and more Nigel Houghton
Re: Snort 2.9.0 DCE RPC error [SOLVED] and more James Lay
Re: Snort 2.9.0 DCE RPC error [SOLVED] and more James Lay
snort website contact (was: Re: [Snort-sigs] EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder) waldo kitty
Re: Snort 2.9.0 Now Available waldo kitty
Re: [Snort-sigs] snort website contact (was: Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder) Nigel Houghton
Re: snort website contact (was: Re: [Snort-sigs] EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder) Joel Esler
Re: Snort 2.9.0 Now Available Russ Combs
Re: [Snort-sigs] snort website contact waldo kitty
Re: Snort 2.9.0 DCE RPC error [SOLVED] and more waldo kitty
Re: EOL for Snort 2.8.5.3 and Snort 2.8.6.0 rules reminder Mike Lococo
Re: Snort 2.9.0 DCE RPC error [SOLVED] and more Jason Brvenik
Re: Snort 2.9.0 DCE RPC error [SOLVED] and more waldo kitty
Re: Snort 2.9.0 Now Available waldo kitty
Re: Snort 2.9.0 Now Available Russ Combs
Sourcefire VRT Certified Snort Rules Update 2010-10-05 Research
compiling daq in old custom environment... waldo kitty
Re: compiling daq in old custom environment... Russ Combs
Re: compiling daq in old custom environment... Eoin Miller
Re: compiling daq in old custom environment... waldo kitty
Re: compiling daq in old custom environment... waldo kitty
Re: compiling daq in old custom environment... waldo kitty

Wednesday, 06 October

Snort and multiple logging egoitz
Re: Snort and multiple logging Nick Moore
Re: Snort and multiple logging Mike Kun
Re: Snort and multiple logging egoitz
Fwd: daq/snort 2.9.0 on Solaris sparc ? Luis
Re: Fwd: daq/snort 2.9.0 on Solaris sparc ? Joel Esler
Re: Snort and multiple logging egoitz
Re: Snort and multiple logging Eoin Miller
Re: Snort and multiple logging egoitz
snort-2.9.0 missing --enable-inline Jason Wallace
Re: snort-2.9.0 missing --enable-inline Alex Kirk
Re: snort-2.9.0 missing --enable-inline Jason Wallace
Re: snort-2.9.0 missing --enable-inline Russ Combs
Re: snort-2.9.0 missing --enable-inline CleBeer
Re: snort-2.9.0 missing --enable-inline Russ Combs
Re: snort-2.9.0 missing --enable-inline Russ Combs
daq/snort 2.9.0 on Solaris sparc ? Luis
Re: Snort and multiple logging Jefferson, Shawn
Re: daq/snort 2.9.0 on Solaris sparc ? Russ Combs
Anyones doomsday machine running low on IDS analyst tears? Will Metcalf
Re: Anyones doomsday machine running low on IDS analyst tears? Will Metcalf
sfportscan not generating alerts or logs Barney Pause
Re: daq/snort 2.9.0 on Solaris sparc ? Steven Sturges
Re: sfportscan not generating alerts or logs Joel Esler
Fwd: daq/snort 2.9.0 on Solaris sparc ? Luis

Thursday, 07 October

Re: Anyones doomsday machine running low on IDS analyst tears? Steven Sturges
Just Analyzing tcpdump files according to defined rules. alexandre suzuki
Re: Just Analyzing tcpdump files according to defined rules. Joel Esler
Re: Just Analyzing tcpdump files according to defined rules. Nerijus Krukauskas
problem with Flexresp3 Tica
Re: Anyones doomsday machine running low on IDS analyst tears? Will Metcalf
Re: Just Analyzing tcpdump files according to defined rules. Marcos Rodriguez
Re: problem with Flexresp3 Russ Combs
max flowbits fatal errors Kungu Panda
Best script to pre-load signature metadata into a database elof
Re: Best script to pre-load signature metadata into a database Joel Esler
Re: Just Analyzing tcpdump files according to defined rules. waldo kitty
Re: Just Analyzing tcpdump files according to defined rules. waldo kitty
Re: Best script to pre-load signature metadata into a database elof
Fine tuning Snort James Lay
Re: Fine tuning Snort waldo kitty
Re: Fine tuning Snort James Lay
Re: max flowbits fatal errors Russ Combs
Re: max flowbits fatal errors Kungu Panda
Re: [PATCH] so_rules/src/Makefile Patrick Mullen
daq_static error on snort build tgiles
Re: daq_static error on snort build Russ Combs

Friday, 08 October

Re: daq_static error on snort build tgiles
snort-2.9.0 on RHEL5 Jason Haar
Re: Fine tuning Snort waldo kitty
Re: snort-2.9.0 on RHEL5 waldo kitty
Re: snort-2.9.0 on RHEL5 Michael Altizer
Re: daq_static error on snort build Nerijus Krukauskas
Re: Fine tuning Snort James Lay
Re: Fine tuning Snort ScottO
Re: Fine tuning Snort James Lay
Re: Fine tuning Snort Joel Esler
Re: Fine tuning Snort Josh Little
Re: Fine tuning Snort James Lay
Re: Fine tuning Snort James Lay
Snort 2.9.0 José R . Cristo Almaguer
'compress_depth' José R . Cristo Almaguer
Re: 'compress_depth' Bhagya Bantwal
Re: Fine tuning Snort Jefferson, Shawn
Re: Snort 2.9.0 Now Available Crook, Parker
Re: Snort 2.9.0 Now Available Michael Altizer
Snort 2.8.6 performance Jefferson, Shawn
Re: Snort 2.9.0 Now Available Crook, Parker
Re: Fine tuning Snort waldo kitty
PSNG_ICMP_PORTSWEEP waldo kitty
Re: Snort 2.8.6 performance waldo kitty
Snort 2.9.0 DAQ with MMAP pcap? Jefferson, Shawn
Re: Snort 2.9.0 DAQ with MMAP pcap? Russ Combs
Runing snort José R . Cristo Almaguer
Re: Snort 2.8.6 performance Jefferson, Shawn
Re: Snort 2.8.6 performance Matt Olney
Re: Snort 2.8.6 performance Jefferson, Shawn

Saturday, 09 October

Re: Fine tuning Snort James Lay
Re: Fine tuning Snort Joel Esler

Sunday, 10 October

DAQ w/ Snort 2.9 on OpenBSD 4.7 AMD64 Randal T. Rioux
Re: DAQ w/ Snort 2.9 on OpenBSD 4.7 AMD64 Russ Combs

Monday, 11 October

Re: DAQ w/ Snort 2.9 on OpenBSD 4.7 AMD64 Randal T. Rioux
Re: Snort 2.9.0 Now Available Luis Daniel Lucio Quiroz
GPL sid 2472 optimization. Will Metcalf
Re: GPL sid 2472 optimization. Alex Kirk

Tuesday, 12 October

(snort_decoder) WARNING: IP dgm len > captured len! Martin Roecker
snort-2.9.0 prereqs Jason Wallace
1:17239 False Positive Christopher A. Libby
Re: 1:17239 False Positive James Lay
Re: (snort_decoder) WARNING: IP dgm len > captured len! Martin Roecker
afpacket vs. NFQ Jason Wallace
Re: afpacket vs. NFQ Will Metcalf
FP 12634 Lay, James
Re: FP 12634 Weir, Jason
Re: 1:17239 False Positive Christopher A. Libby
FP's with sid:17239 - IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt Eoin Miller
Sourcefire VRT Certified Snort Rules Update 2010-10-12 Research
Re: FP's with sid:17239 - IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt Joel Esler
Re: 1:17239 False Positive Joel Esler
Re: 1:17239 False Positive waldo kitty
Re: 1:17239 False Positive Joel Esler
Re: FP's with sid:17239 - IMAP Alt-N MDaemon IMAP server CREATE command buffer overflow attempt Joel Esler

Wednesday, 13 October

Re: DAQ w/ Snort 2.9 on OpenBSD 4.7 AMD64 [solved] Randal T. Rioux
Building a host attribute table? Andy Berryman
Re: Building a host attribute table? Crook, Parker
Re: FP 12634 Alex Kirk
Re: FP 12634 Weir, Jason
afpacket DAQ - large "Outstanding" number/percent Jason Wallace
Any plans to update 11951? Weir, Jason

Thursday, 14 October

Re: afpacket DAQ - large "Outstanding" number/percent Randal T. Rioux
Re: Building a host attribute table? Russ Combs
Re: DAQ w/ Snort 2.9 on OpenBSD 4.7 AMD64 [solved] Russ Combs
Re: snort-2.9.0 prereqs Russ Combs
Re: snort-2.9.0 prereqs Jason Wallace
Spade Drop Anomalies Andres Carrera Rivera
False Positives on 1:17246 Christopher A. Libby
FP 17246 Lay, James
Re: False Positives on 1:17246 Josh Little
Re: FP 17246 Weir, Jason
Re: FP 17246 Nigel Houghton
Re: FP 17246 rmkml
Re: FP 17246 Weir, Jason
Re: False Positives on 1:17246 Nigel Houghton
Re: FP 17246 Weir, Jason
Re: FP 17246 Lay, James
Re: FP 17246 Joel Esler
Re: FP 17246 Nigel Houghton
Re: FP 17246 Weir, Jason
Re: FP 17246 Joel Esler
Re: FP 17246 JJC
Re: FP 17246 Nigel Houghton
FP on 5803 Weir, Jason
Re: FP 17246 Weir, Jason
Re: max flowbits fatal errors Russ Combs
Disablesid not working Mike Kun
Re: Disablesid not working JJ Cummings
FP 3:16663 waldo kitty

Friday, 15 October

One of the 2483 unnamed Interocitor parts... Will Metcalf
Holy Crap Randal T. Rioux
Re: Holy Crap Nerijus Krukauskas
Re: afpacket DAQ - large "Outstanding" number/percent Michael Altizer
OpenBSD 4.7 / Snort 2.9 -- libsf_engine.so missing Randal T. Rioux
Re: Holy Crap Christopher A. Libby
Re: OpenBSD 4.7 / Snort 2.9 -- libsf_engine.so missing Russ Combs
Download issues? Weir, Jason
Re: Download issues? Joel Esler
Re: FP 3:16663 Joel Esler
SQueRT 0.6 Released. Paul Halliday

Saturday, 16 October

Re: afpacket DAQ - large "Outstanding" number/percent Jason Wallace

Monday, 18 October

Snort 2.9.0 packages for RHEL? Olivier Bilodeau
Snort 2.9.0.0 segfaulting Miguel Alvarez
Re: Snort 2.9.0.0 segfaulting Russ Combs
Re: Snort 2.9.0 packages for RHEL? Ryan Jordan
Re: Snort 2.9.0 packages for RHEL? Castle, Shane
Re: Snort 2.9.0 packages for RHEL? Castle, Shane
Snort 2.9, RHEL 5 and afpacket DAQ Ralf Spenneberg
Re: Snort 2.9, RHEL 5 and afpacket DAQ beenph
Re: Snort 2.9, RHEL 5 and afpacket DAQ Russ Combs
Ip_proto's 'lsrre' parameter Joshua.Kinard
pcre high cpu usage Tomas Heredia
Re: pcre high cpu usage Joel Esler
Re: pcre high cpu usage Tomas Heredia
Re: pcre high cpu usage Alex Kirk

Tuesday, 19 October

capturing on the wrong nic Chris Copeland
Re: capturing on the wrong nic Joel Esler
Re: capturing on the wrong nic Chris Copeland
Snort 2.9 Setup Guide David Gullett
Re: afpacket DAQ - large "Outstanding" number/percent Michael Altizer
Re: Snort 2.9, RHEL 5 and afpacket DAQ Ralf Spenneberg
Re: Snort 2.9, RHEL 5 and afpacket DAQ Michael Altizer
Re: Snort 2.9, RHEL 5 and afpacket DAQ Ralf Spenneberg
Re: capturing on the wrong nic Russ Combs
Re: afpacket DAQ - large "Outstanding" number/percent Jason Wallace
Re: pcre high cpu usage Tomas Heredia
Re: pcre high cpu usage Alex Kirk
Duplicate downloaded rules Lay, James
Re: pcre high cpu usage Alex Kirk
Reporting/stats from logs Lay, James
Re: pcre high cpu usage Tomas Heredia
Re: Duplicate downloaded rules Jason Brvenik
Re: Duplicate downloaded rules Weir, Jason
Re: pcre high cpu usage Tomas Heredia
Snort 2.9.0 ipvar unknown rule type Danny Paul
sfPortscan logfilein 2.9.0 John Forristel
Re: Snort 2.9.0 ipvar unknown rule type Russ Combs
Re: Snort 2.9.0 ipvar unknown rule type Danny Paul
Re: Snort 2.9.0 ipvar unknown rule type Russ Combs
Re: Duplicate downloaded rules Lay, James
Re: Snort 2.9.0 ipvar unknown rule type Danny Paul
Re: Duplicate downloaded rules Weir, Jason
Re: Duplicate downloaded rules Lay, James
Re: Duplicate downloaded rules Weir, Jason
Re: Reporting/stats from logs JJC
PCRE Offloading Tomas Heredia
Re: Reporting/stats from logs JJC
SID Identification Greg Lane
Re: SID Identification Alan Ptak
Re: SID Identification Weir, Jason

Wednesday, 20 October

Re: Snort 2.9.0 ipvar unknown rule type waldo kitty
FP? 1675 Chris Stevens
Re: Snort 2.9, RHEL 5 and afpacket DAQ Ralf Spenneberg
Re: Snort 2.9 Setup Guide Andersen Klaus
Re: Snort 2.9, RHEL 5 and afpacket DAQ Michael Altizer
Re: Duplicate downloaded rules Lay, James
FP 17154 Lay, James
Is Snort susceptible to AET's? Andy Berryman
Re: Is Snort susceptible to AET's? Martin Roesch
Re: Snort 2.9, RHEL 5 and afpacket DAQ Rich Graves
Re: Snort 2.9, RHEL 5 and afpacket DAQ Eoin Miller
Re: Snort 2.9, RHEL 5 and afpacket DAQ Jeff Kell
Re: Snort 2.9, RHEL 5 and afpacket DAQ Mike Lococo
Re: Snort 2.9, RHEL 5 and afpacket DAQ Rich Graves
Re: Snort 2.9, RHEL 5 and afpacket DAQ beenph
Re: Snort 2.9, RHEL 5 and afpacket DAQ Michael Altizer
Re: Snort 2.9, RHEL 5 and afpacket DAQ Michael Altizer
Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Michael Altizer
Re: Is Snort susceptible to AET's? Alan Ptak
Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Michael Altizer
Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Russ Combs

Thursday, 21 October

Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Jason Haar
Barnyard2 and multiple sensors Russell Fulton
Re: Barnyard2 and multiple sensors Joel Esler
Re: Barnyard2 and multiple sensors Russell Fulton
Re: Barnyard2 and multiple sensors Jason Haar
Re: Ip_proto's 'lsrre' parameter Steven Sturges
Re: Barnyard2 and multiple sensors JJC
Re: Barnyard2 and multiple sensors Eoin Miller
Re: Barnyard2 and multiple sensors Mike Lococo
Pulledpork next release? Jefferson, Shawn
Re: Pulledpork next release? Joel Esler
Re: Pulledpork next release? Jefferson, Shawn
Re: Pulledpork next release? JJC
Re: Pulledpork next release? Jason Wallace
Re: FP 17154 Alex Kirk
Re: FP? 1675 Alex Kirk
snort-2.9.0 and libpcap Jason Wallace
Re: snort-2.9.0 and libpcap Michael Altizer
Re: Barnyard2 and multiple sensors Russell Fulton
PulledPork 0.5.0 the Drowning Rat is now floating in the wild! JJC
Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Rich Graves

Friday, 22 October

Bug with file_data pointer being set in 2.9.0? Will Metcalf
10G virtual network traffic 김무성
Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Ralf Spenneberg
Re: Bug with file_data pointer being set in 2.9.0? Will Metcalf
Possible FP 12280? Lay, James
Re: Snort 2.9, RHEL 5 and afpacket DAQ [~Solved?] Michael Altizer
Re: Possible FP 12280? L0rd Ch0de1m0rt
Re: ET WEB_CLIENT Possible HTTP 404 XSS Attempt (External Source) Will Metcalf
Possible 17154 FP? Lay, James

Saturday, 23 October

Re: Ip_proto's 'lsrre' parameter Joshua.Kinard

Sunday, 24 October

Re: Snort 2.9 Setup Guide David Gullett

Monday, 25 October

pulledpork setup guide Jun Wan
Error in encode.c in Snort 2.9.0 on Ubuntu 10.04.1 LST c.willie
Re: Error in encode.c in Snort 2.9.0 on Ubuntu 10.04.1 LST Russ Combs
Possible FP 17363 Lay, James
Re: Possible FP 17363 rmkml
Re: Possible FP 17363 Alex Kirk
Possible 16295 FP Lay, James
Re: Possible 16295 FP rmkml
[PATCHES] Fixes for daq_nfq Kelvie Wong
[RFC Feature PATCH]: 'drop' option for tagged packets. Kelvie Wong
Re: [PATCHES] Fixes for daq_nfq Russ Combs
Re: Snort 2.9.0.0 segfaulting [SEC=UNCLASSIFIED] Russ Combs

Tuesday, 26 October

Re: Ip_proto's 'lsrre' parameter Steven Sturges
upgrade question Bobby Venal
Re: upgrade question Russ Combs
I'm tired from snort!! Ahmed Qaisi
Re: I'm tired from snort!! Randal T. Rioux
Re: [Spam] Re: Possible FP 17363 Lay, James
Re: Possible FP 17363 Weir, Jason
Re: [Spam] Re: Possible FP 17363 Joel Esler
Re: [Spam] Re: Possible FP 17363 L0rd Ch0de1m0rt
Re: [Spam] Re: Possible FP 17363 Joel Esler
Will this work - negated hosts? Weir, Jason
Re: Possible FP 17363 Lay, James
Re: Possible FP 17363 Weir, Jason
Re: Possible FP 17363 Joel Esler
Re: Will this work - negated hosts? Crook, Parker
Re: Will this work - negated hosts? Weir, Jason
Re: [Spam] Re: Possible FP 17363 Lay, James
Re: [Spam] Re: Possible FP 17363 Weir, Jason
Re: Will this work - negated hosts? Weir, Jason
Re: [Spam] Re: Possible FP 17363 Joel Esler
Re: [Spam] Re: Possible FP 17363 Lay, James
Re: [Spam] Re: Possible FP 17363 Alex Kirk
Re: [Spam] Re: Possible FP 17363 Lay, James
Re: [Spam] Re: Possible FP 17363 Joel Esler
flexresp3: Reset with TTL of 0 Jim Hranicky
Re: [Spam] Re: Possible FP 17363 Lay, James
Re: [Spam] Re: Possible FP 17363 Joel Esler
Re: [Spam] Re: Possible FP 17363 Lay, James
RSVP for a Snort Community Pig Roast - November 12, 2010 Mike Guiterman
Re: [Spam] Re: Possible FP 17363 Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-10-26 Research
Re: RSVP for a Snort Community Pig Roast - November 12, 2010 Randal T. Rioux
Re: I'm tired from snort!! Ahmed Qaisi
Re: RSVP for a Snort Community Pig Roast - November 12, 2010 Mike Guiterman
Re: flexresp3: Reset with TTL of 0 Jim Hranicky
Re: flexresp3: Reset with TTL of 0 Russ Combs

Wednesday, 27 October

Installation problem vishesh kumar
Re: Installation problem vishesh kumar
PATCH: more compact ac-bnfa trans list Fingle Nark
17494 Falsing on non IE6 systems Weir, Jason
Re: 17494 Falsing on non IE6 systems L0rd Ch0de1m0rt
Re: 17494 Falsing on non IE6 systems Joel Esler
Re: 17494 Falsing on non IE6 systems Weir, Jason
Re: 17494 Falsing on non IE6 systems Weir, Jason
Re: 17494 Falsing on non IE6 systems Joel Esler
Re: 17494 Falsing on non IE6 systems Lay, James
Re: Installation problem vishesh kumar
Using detection_filter instead of threshold L0rd Ch0de1m0rt
Re: 17494 Falsing on non IE6 systems Weir, Jason
Re: Using detection_filter instead of threshold Joel Esler
Re: Using detection_filter instead of threshold L0rd Ch0de1m0rt
Re: Using detection_filter instead of threshold Eric L. Howard
Re: Using detection_filter instead of threshold Joel Esler
Re: 17494 Falsing on non IE6 systems JJC
Re: 17494 Falsing on non IE6 systems Weir, Jason
Re: Installation problem Russ Combs
Re: Bug with file_data pointer being set in 2.9.0? Bhagya Bantwal
Re: Using detection_filter instead of threshold Eric L. Howard
Re: Using detection_filter instead of threshold infosec posts
Re: Using detection_filter instead of threshold Joel Esler
Re: Using detection_filter instead of threshold Matthew Jonkman
Re: Using detection_filter instead of threshold Joel Esler
Re: PATCH: more compact ac-bnfa trans list Russ Combs
Re: Using detection_filter instead of threshold infosec posts
Re: Using detection_filter instead of threshold Joel Esler
Re: Using detection_filter instead of threshold infosec posts
Re: Using detection_filter instead of threshold Jason Brvenik
Re: Barnyard2 and multiple sensors Jun Wan

Thursday, 28 October

Re: Using detection_filter instead of threshold infosec posts
Re: Using detection_filter instead of threshold Joel Esler
Re: Using detection_filter instead of threshold infosec posts
Re: Using detection_filter instead of threshold Jason Brvenik
Re: Barnyard2 and multiple sensors Jim Hranicky
Re: Using detection_filter instead of threshold infosec posts
Re: Bug with file_data pointer being set in 2.9.0? Will Metcalf
Re: Using detection_filter instead of threshold Joel Esler
Re: Installation problem vishesh kumar
Re: PATCH: more compact ac-bnfa trans list Fingle Nark
Re: Using detection_filter instead of threshold infosec posts
Re: Using detection_filter instead of threshold Joel Esler
HTTP Inspect and packet reassembly L0rd Ch0de1m0rt
Re: Using detection_filter instead of threshold infosec posts
Re: HTTP Inspect and packet reassembly Yun Zheng Hu
Re: HTTP Inspect and packet reassembly Joel Esler
URL to download VRT rules Alejandro Cabrera Obed
Re: URL to download VRT rules Weir, Jason
Re: URL to download VRT rules Alejandro Cabrera Obed
Re: URL to download VRT rules Joel Esler
Re: URL to download VRT rules Alejandro Cabrera Obed
Re: URL to download VRT rules Joel Esler
Re: URL to download VRT rules Weir, Jason
Re: URL to download VRT rules Weir, Jason
Re: URL to download VRT rules Alejandro Cabrera Obed
Re: URL to download VRT rules Weir, Jason
Snort Report or Base ??? Alejandro Cabrera Obed
Sourcefire VRT Certified Snort Rules Update 2010-10-28 Research

Friday, 29 October

Re: HTTP Inspect and packet reassembly matan monitz
Re: HTTP Inspect and packet reassembly Eoin Miller
Re: HTTP Inspect and packet reassembly Joel Esler
FP 17363 waldo kitty
Re: HTTP Inspect and packet reassembly Matt Olney
Richard Tyrrell/Telford/Syan Ltd is out of the office. Richard Tyrrell
Re: Barnyard2 and multiple sensors Russell Fulton
Re: Barnyard2 and multiple sensors Jim Hranicky
payload logging, barnyard2 Pradeep Lamabam
Re: FP 17363 rmkml
Re: HTTP Inspect and packet reassembly Yun Zheng Hu
Re: HTTP Inspect and packet reassembly Matt Olney
Re: payload logging, barnyard2 ScottO
Re: HTTP Inspect and packet reassembly Joel Esler
Using SNORT inline Dan Dwelley
Re: HTTP Inspect and packet reassembly L0rd Ch0de1m0rt
Re: HTTP Inspect and packet reassembly Joel Esler
Multiple Snort Instances - One Interface James Thornton
Re: payload logging, barnyard2 beenph
Re: HTTP Inspect and packet reassembly Bhagya Bantwal
!!Rolling back Snort rule files!! Miso Patel
Re: Multiple Snort Instances - One Interface Will Metcalf
Re: !!Rolling back Snort rule files!! Joel Esler
Re: Multiple Snort Instances - One Interface James Thornton
Re: !!Rolling back Snort rule files!! Miso Patel
Re: !!Rolling back Snort rule files!! JJ Cummings
Re: !!Rolling back Snort rule files!! Weir, Jason
Re: !!Rolling back Snort rule files!! L0rd Ch0de1m0rt
Re: !!Rolling back Snort rule files!! Joel Esler
Re: !!Rolling back Snort rule files!! Weir, Jason
Re: Multiple Snort Instances - One Interface Will Metcalf
Re: !!Rolling back Snort rule files!! JJ Cummings
Re: !!Rolling back Snort rule files!! L0rd Ch0de1m0rt
Re: URL to download VRT rules Alejandro Cabrera Obed
Re: URL to download VRT rules Weir, Jason
Re: FP 17363 waldo kitty
Re: !!Rolling back Snort rule files!! waldo kitty
Re: !!Rolling back Snort rule files!! waldo kitty

Saturday, 30 October

Re: [Emerging-Sigs] Snort 2.9 compatibility with ET rules? Jun Wan
Re: Installation problem vishesh kumar
How o views snort log from mysql vishesh kumar
Re: How o views snort log from mysql Anthony Rees
Re: How o views snort log from mysql vishesh kumar
Re: How o views snort log from mysql Jun Wan
Re: How o views snort log from mysql Ray Caparros
Re: How o views snort log from mysql Nick Moore
Unsubscribe Lai, Raymond
Re: How o views snort log from mysql Ray Caparros

Sunday, 31 October

Re: HTTP Inspect and packet reassembly Eoin Miller
Re: HTTP Inspect and packet reassembly Joel Esler
Re: Barnyard2 and multiple sensors Mike Lococo

Monday, 01 November

Re: 17494 Falsing on non IE6 systems Weir, Jason
Re: Multiple Snort Instances - One Interface Jim Hranicky
Re: Multiple Snort Instances - One Interface Jim Hranicky
Snort 2.9.0.1 Now Available Snort Releases
Snort 2.9.0.1 Now Available Snort Releases
Excessive Read Requests Lay, James
Re: Snort 2.9.0.1 Now Available L0rd Ch0de1m0rt
Re: Multiple Snort Instances - One Interface Will Metcalf
Re: Excessive Read Requests Russ Combs
Re: Excessive Read Requests Lay, James
Re: Excessive Read Requests Russ Combs
Re: Snort 2.9.0.1 Now Available Mike Lococo

Tuesday, 02 November

Re: Snort 2.9.0.1 Now Available Rich Graves
Snort IPv6 database schema Yun Zheng Hu
Re: afpacket DAQ - large "Outstanding" number/percent Jason Wallace
Re: [Spam] Re: Excessive Read Requests Lay, James
Re: Barnyard2 and multiple sensors Billy Marshall
Re: Snort 2.9.0.1 Now Available Mike Lococo
Re: Snort 2.9.0.1 Now Available Jason Haar
Re: Snort IPv6 database schema Edward Fjellskål
Re: Snort 2.9.0.1 Now Available Mike Lococo
Sourcefire VRT Certified Snort Rules Update 2010-11-02 Research
Sourcefire VRT Certified Snort Rules Update 2010-11-02 Research
Snort 2.9, barnyard2, and unknown record types Rich Graves
Re: [PATCHES] Fixes for daq_nfq Russ Combs
Re: Using SNORT inline Russ Combs
Re: [PATCHES] Fixes for daq_nfq Kelvie Wong
Snort 2.9.0.1 Rules? Jefferson, Shawn
Re: Snort 2.9.0.1 Now Available Steven Sturges
Re: Snort 2.9.0.1 Rules? JJC

Wednesday, 03 November

[PATCH] Add TX_RING support to AFPacket DAQ module Michael Altizer
barnyard2 and bpf filters Russell Fulton
Re: Snort 2.9, barnyard2, and unknown record types firnsy
Re: Snort 2.9.0.1 Now Available L0rd Ch0de1m0rt
Re: [Emerging-Sigs] Snort 2.9.0.1 Now Available Joel Esler
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available Miso Patel
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-02 infosec posts
Re: [Emerging-Sigs] Snort 2.9.0.1 Now Available Joel Esler
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-02 Nigel Houghton
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available Matthew Jonkman
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-02 Joel Esler
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-02 infosec posts
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-02 Joel Esler
Compiling snort without DAQ L0rd Ch0de1m0rt
Re: Compiling snort without DAQ Russ Combs
Disabling GID3 rules Steve McChortle
Re: Snort 2.9, barnyard2, and unknown record types Seth Hall
FP on 17468 Weir, Jason
Re: Snort 2.9, barnyard2, and unknown record types Bhagya Bantwal
Re: [Emerging-Sigs] Snort 2.9.0.1 Now Available Russ Combs
Re: Snort 2.9.0 ipvar unknown rule type Russ Combs
Re: (snort_decoder) WARNING: IP dgm len > captured len! Russ Combs
Re: FP on 17468 rmkml
Snort.org was updated today, with new features! Joel Esler

Thursday, 04 November

Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available waldo kitty
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available waldo kitty
Re: [Emerging-Sigs] Snort 2.9.0.1 Now Available Russ Combs
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available waldo kitty
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-02 waldo kitty
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available Joel Esler
Re: Snort 2.9.0.1 Now Available Randal T. Rioux
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available Matthew Jonkman
snort 2.9.0.1 packages for RHEL5.x vincent
Re: FP on 17468 Weir, Jason
Re: snort 2.9.0.1 packages for RHEL5.x Castle, Shane
Re: FP on 17468 rmkml
Re: snort 2.9.0.1 packages for RHEL5.x vincent
Snort recommendations Atkins, Dwane P
Starting Snort 2.9.0.1 José R . Cristo Almaguer
Re: Starting Snort 2.9.0.1 Jason Wallace
Re: Snort recommendations Atkins, Dwane P
Re: Snort recommendations Jefferson, Shawn
Re: [Emerging-Sigs] [Snort-devel] Snort 2.9.0.1 Now Available L0rd Ch0de1m0rt
Sourcefire VRT Certified Snort Rules Update 2010-11-04 Research
Snort 2.9.0.1 & OpenBSD 4.8 build problems Ross Lawrie
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems JJC
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: [rhelv5-list] snort 2.9.0 Centos 5.5 vincent
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Ross Lawrie
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: [rhelv5-list] snort 2.9.0 Centos 5.5 Russ Combs

Friday, 05 November

Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Ross Lawrie
Re: [rhelv5-list] snort 2.9.0 Centos 5.5 vincent
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems rmkml
Re: [rhelv5-list] snort 2.9.0 Centos 5.5 vincent
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Ross Lawrie
OT: What tap would you recommend? Miguel Alvarez
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: OT: What tap would you recommend? Ropetin Again
Re: OT: What tap would you recommend? Jefferson, Shawn
Re: OT: What tap would you recommend? Rob MacGregor
Re: OT: What tap would you recommend? Joe Pampel
Ddos? Weir, Jason
Re: Ddos? Joel Esler
Re: Ddos? Nigel Houghton
Re: Ddos? Weir, Jason
Re: Ddos? Joel Esler
Re: OT: What tap would you recommend? John Hally
Re: OT: What tap would you recommend? Eoin Miller
Re: OT: What tap would you recommend? Anthony Rees
lots or rules loaded and snort performance Pedro Marinho
DAQ and libpcap 1.1.1 vs 1.0.0 Mike Lococo
Re: [Emerging-Sigs] lots or rules loaded and snort performance Pedro Marinho
Re: [Emerging-Sigs] lots or rules loaded and snort performance Pedro Marinho

Saturday, 06 November

Re: OT: What tap would you recommend? Ray Caparros
Re: [Emerging-Sigs] lots or rules loaded and snort performance Jason Wallace
Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent

Sunday, 07 November

Re: Snort recommendations Richard Bejtlich

Monday, 08 November

Re: [rhelv5-list] snort 2.9.0 Centos 5.5 vincent
Re: DAQ and libpcap 1.1.1 vs 1.0.0 Mike Lococo
Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent
Re: Snort 2.9.0.1 Now Available L0rd Ch0de1m0rt
Re: Snort 2.9.0.1 Now Available Russ Combs
Re: DAQ and libpcap 1.1.1 vs 1.0.0 Russ Combs
Re: Snort 2.9.0.1 Now Available Eoin Miller
Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent
Re: Snort 2.9.0.1 Now Available L0rd Ch0de1m0rt
Re: Snort 2.9.0.1 Now Available Steven Sturges
Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent
Re: Snort 2.9.0.1 Now Available L0rd Ch0de1m0rt
Re: Snort 2.9.0.1 Now Available Eoin Miller
Re: DAQ and libpcap 1.1.1 vs 1.0.0 Russ Combs
Re: DAQ and libpcap 1.1.1 vs 1.0.0 Russ Combs
Re: Snort 2.9.0.1 Now Available Russ Combs

Tuesday, 09 November

FP 13628 Lay, James
Re: FP 13628 rmkml
Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent
Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent
libdnet.1: cannot open shared object file: no such file or directory Atkins, Dwane P
Re: FP 13628 Nigel Houghton
Linux recommendations Castle, Shane
Proxy question Lay, James
Re: Linux recommendations Weir, Jason
Re: Linux recommendations Eoin Miller
Re: Snort 2.9.0.1 Now Available Russ Combs
Sourcefire VRT Certified Snort Rules Update 2010-11-09 Research
Re: Linux recommendations Jason Haar
Re: Snort 2.9.0.1 Now Available Russ Combs

Wednesday, 10 November

Re: Linux recommendations waldo kitty
Re: Linux recommendations Randal T. Rioux
Install Snort on Ubuntu with mysql and SnortReports Atkins, Dwane P
Re: Install Snort on Ubuntu with mysql and SnortReports Castle, Shane
Any BASE honchos here? Castle, Shane
Re: Any BASE honchos here? Richard Bejtlich
Re: Linux recommendations hermit
Re: Install Snort on Ubuntu with mysql and SnortReports Atkins, Dwane P
Oddness with 16295 Lay, James
Re: Any BASE honchos here? Paul Halliday
Re: Install Snort on Ubuntu with mysql and SnortReports Atkins, Dwane P
Re: Install Snort on Ubuntu with mysql and SnortReports Brad P
Re: Install Snort on Ubuntu with mysql and SnortReports Atkins, Dwane P
Re: Oddness with 16295 rmkml
Snorby and Snort Atkins, Dwane P
Re: Snorby and Snort Joel Esler

Thursday, 11 November

Re: Oddness with 16295 James Lay
Re: Multiple Snort Instances - One Interface Korodev
Re: Snorby and Snort JJC
Building wireless IDS systems... Champ Clark III [Softwink]
Re: Snorby and Snort JJC
Re: Snorby and Snort Atkins, Dwane P
Host Attribute Table Question Andy Berryman
Re: Oddness with 16295 Lay, James
Re: Oddness with 16295 Joel Esler
Re: Host Attribute Table Question Joel Esler
Snort not logging all alerts in pcap (was Oddness with 16295) Lay, James
Re: Host Attribute Table Question Andy Berryman
[HITB-Announce] HITB Magazine #5 Call for Articles Hafez Kamal
[HITB-Announce] HITB Magazine #5 Call for Articles Hafez Kamal

Friday, 12 November

Libpcap shipped with RHEL6 GA C. L. Martinez
Re: Host Attribute Table Question Alex Tatistcheff

Saturday, 13 November

Re: Libpcap shipped with RHEL6 GA vincent
Re: Snort not logging all alerts in pcap (was Oddness with 16295) rmkml

Monday, 15 November

Re: Libpcap shipped with RHEL6 GA Russ Combs
New OpenSource Community Manager Announcement Joel Esler
Re: Snort not logging all alerts in pcap (was Oddness with 16295) James Lay

Tuesday, 16 November

Updating sid-msg.map Chan, Wilson
Re: Updating sid-msg.map Joel Esler
Re: Updating sid-msg.map Nigel Houghton
possible fp on 17297 matan monitz
Re: possible fp on 17297 rmkml

Wednesday, 17 November

Re: Updating sid-msg.map waldo kitty
Re: Updating sid-msg.map Joel Esler
Re: Updating sid-msg.map waldo kitty
FP on sig 17567 Andy Berryman
Re: FP on sig 17567 Alex Kirk
Re: Updating sid-msg.map Lay, James

Thursday, 18 November

Re: Updating sid-msg.map waldo kitty
2.9.0.1 performance issue Frank Eberle
Re: Updating sid-msg.map Jason Wallace
Re: [Snort-users] 2.9.0.1 performance issue Matt Olney
Re: possible fp on 17297 matan monitz
[HITB-Announce] HITB2011AMS -- Call For Papers now Open Hafez Kamal
[HITB-Announce] HITB2011AMS -- Call For Papers now Open Hafez Kamal
Re: 2.9.0.1 performance issue Russ Combs
Re: [Snort-users] 2.9.0.1 performance issue matan monitz
Re: [Snort-users] 2.9.0.1 performance issue L0rd Ch0de1m0rt
Re: [Snort-users] 2.9.0.1 performance issue Eoin Miller
Ourmon Andres Carrera
Re: [Snort-users] 2.9.0.1 performance issue Russ Combs
Re: [Snort-users] 2.9.0.1 performance issue matan monitz
Problem with stream5 Fábio Ferrão
Re: Problem with stream5 Alex Kirk
Sourcefire VRT Certified Snort Rules Update 2010-11-18 Research
Sourcefire VRT Certified Snort Rules Update 2010-11-18 Research
Re: Sourcefire VRT Certified Snort Rules Update 2010-11-18 Patrick Mullen

Friday, 19 November

orig_tcph in Packet structure snort user
Re: orig_tcph in Packet structure Steven Sturges

Monday, 22 November

Call for Snort 2.9.x U2 files containing type 110 records. firnsy
Re: Issue while detecting patterns in a simple HTTP Page [Web client based] Alex Kirk
Re: Issue while detecting patterns in a simple HTTP Page [Web client based] Sujit Ghosal
Issue while detecting patterns in a simple HTTP Page [Web client based] Sujit Ghosal
Re: Issue while detecting patterns in a simple HTTP Page [Web client based] waldo kitty

Friday, 26 November

Re: symbol error with 2.9.1 Russ Combs
Re: unified2 processing firnsy
Re: Oinkmaster downloads intermittently failing Joel Esler
Re: Oinkmaster downloads intermittently failing Joel Esler
Re: H-Snort / Hybrid Snort Joel Esler
Dropped packets again Lay, James
Re: Oinkmaster downloads intermittently failing Weir, Jason
Re: Oinkmaster downloads intermittently failing Weir, Jason
Re: H-Snort / Hybrid Snort Andres Carrera Rivera
Re: OT: What tap would you recommend? Joel Esler

Saturday, 27 November

Re: OT: What tap would you recommend? Randal T. Rioux
unified2 processing Pradeep Lamabam
Suggested pcre addition to 1:6251 CunningPike
Re: symbol error with 2.9.1 Jason Haar
Re: symbol error with 2.9.1 Russ Combs
Re: Issues with the Snort Manual (Patch) Joel Esler
Re: Issues with the Snort Manual (Patch) Joel Esler
H-Snort / Hybrid Snort Andres Carrera Rivera
Re: Dropped packets again rmkml
Sourcefire VRT Certified Snort Rules Update 2010-11-23 Research
Re: OT: What tap would you recommend? Jason Brvenik
Re: OT: What tap would you recommend? Eoin Miller
Re: Dropped packets again Joel Esler
Re: Suggested pcre addition to 1:6251 rmkml
Re: Suggested pcre addition to 1:6251 Jason Wallace
Re: Oinkmaster downloads intermittently failing Joel Esler
Oinkmaster downloads intermittently failing Weir, Jason
symbol error with 2.9.1 Jason Haar
Issues with the Snort Manual (Patch) Joshua.Kinard
Re: OT: What tap would you recommend? Paul Halliday

Monday, 29 November

(no subject) Jun Wan
Re: [Emerging-Sigs] (no subject) Joel Esler
Snorby 2.0.0.pre Dustin Webber
ET rules in emerging.conf deactivated after updating via Oinkmaster&cron Jun Wan
Off-topic - VRT Blog, "Rise of citizen cyberwarrior", criticism of the security efforts by the government. Guise McAllaster
Re: Issues with the Snort Manual (Patch) Joshua.Kinard
Re: Issues with the Snort Manual (Patch) Joshua.Kinard

Tuesday, 30 November

Re: Issues with the Snort Manual (Patch) Joel Esler
Re: ET rules in emerging.conf deactivated after updating via Oinkmaster&cron Jun Wan
Re: Issues with the Snort Manual (Patch) Joel Esler
Re: [Emerging-Sigs] (no subject) waldo kitty
Re: Issues with the Snort Manual (Patch) Joshua.Kinard
Re: [Emerging-Sigs] Off-topic - VRT Blog, "Rise of citizen cyberwarrior", criticism of the security efforts by the government. L0rd Ch0de1m0rt
Re: Off-topic - VRT Blog, "Rise of citizen cyberwarrior", criticism of the security efforts by the government. Randal T. Rioux
Snort has different IPs than Wireshark Billy Marshall
Re: Snort has different IPs than Wireshark Russ Combs
Re: Off-topic - VRT Blog, "Rise of citizen cyberwarrior", criticism of the security efforts by the government. Crook, Parker
Re: Snort has different IPs than Wireshark Billy Marshall
Re: Snort has different IPs than Wireshark Castle, Shane
Re: [Emerging-Sigs] (no subject) Jun Wan

Wednesday, 01 December

issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Jun Wan
Snort 2.9.0.2 to be released Joel Esler
Re: [Emerging-Sigs] (no subject) waldo kitty
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Joel Esler
Re: Snort 2.9.0.2 to be released Randal T. Rioux
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Jun Wan
which SQL injection detection rule is best when considering performance, false-positive, real attack 김무성
Re: Snort 2.9.0.2 to be released Joel Esler
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Joel Esler
Snort 2.9.0.2 Now Available Snort Releases
Snort 2.9.0.2 Now Available Snort Releases
Snort as a Service on Ubuntu 9 Andres Carrera Rivera
Re: Snort as a Service on Ubuntu 9 Joel Esler
dropped packets in Perfmonitor Lawrence R. Hughes, Sr.
snort 2.8.6.1 frag3 policy linux Lawrence R. Hughes, Sr.
Re: dropped packets in Perfmonitor Joel Esler
Re: snort 2.8.6.1 frag3 policy linux Joel Esler
Re: Snort as a Service on Ubuntu 9 Andres Carrera Rivera

Thursday, 02 December

Snort preprocessor perfmonitor Andres Carrera Rivera
Re: Snort preprocessor perfmonitor Andres Carrera Rivera
Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman
Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman
Re: Snort preprocessor perfmonitor Andres Carrera Rivera
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Jun Wan
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-12-02 Research

Friday, 03 December

Re: [Emerging-Sigs] Best way to achieve this. Joel Esler
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Jun Wan
Re: dropped packets in Perfmonitor Leon Ward
snort 2.9.0.2 packages for RHEL5.x vincent
Re: dropped packets in Perfmonitor Joel Esler
Re: issues with Snort report 1.3&VRT rules&ET rules&threshold.conf Joel Esler
Re: snort 2.9.0.2 packages for RHEL5.x Russ Combs
Changes in the latest rule packs Nigel Houghton
Readers of the VRT blog Nigel Houghton
SMTP content-type overflow rule question Bobby Venal
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: SMTP content-type overflow rule question Joel Esler
Re: Readers of the VRT blog Richard Bejtlich

Saturday, 04 December

Re: SMTP content-type overflow rule question Rich Graves
Question about the 'tag' keyword L0rd Ch0de1m0rt

Sunday, 05 December

Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Randal T. Rioux
Re: Snort 2.9.0.2 to be released Randal T. Rioux
Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Sujit Ghosal
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Joel Esler
Re: Snort 2.9.0.2 to be released Joel Esler
Re: Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Joel Esler

Monday, 06 December

Snorby 2.0.0 Released Dustin Webber
Re: Readers of the VRT blog Russell Fulton
I need some opinions Joel Esler
Re: I need some opinions Andres Carrera Rivera
Re: I need some opinions Joel Esler
Re: I need some opinions L0rd Ch0de1m0rt
Re: I need some opinions Joel Esler
Re: Readers of the VRT blog Sandro guly Zaccarini
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: I need some opinions L0rd Ch0de1m0rt
Re: [Snort-devel] I need some opinions Bill Scherr IV
Re: Snort 2.9.0.2 to be released Russ Combs
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Ross Lawrie
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: Changes in the latest rule packs Andy Berryman
New Sig Doc is one giant file? Andy Berryman
Re: New Sig Doc is one giant file? Nigel Houghton

Tuesday, 07 December

Re: I need some opinions waldo kitty
Re: I need some opinions Joel Esler
about the sfportscan ll
ERROR! daq_static library not found Kum Weng Luey
Re: about the sfportscan waldo kitty
Attack from .jp IPs L0rd Ch0de1m0rt
Re: [Emerging-Sigs] Attack from .jp IPs Jason Wallace
Re: Attack from .jp IPs Matt Olney
Re: [Emerging-Sigs] Attack from .jp IPs Sandro guly Zaccarini
Re: Attack from .jp IPs Martin Roesch
Re: [Emerging-Sigs] Attack from .jp IPs Mike Cox
Re: [Emerging-Sigs] Attack from .jp IPs Joel Esler
Re: Attack from .jp IPs Giles Coochey
Re: Attack from .jp IPs Jamie Riden
Re: [Emerging-Sigs] Attack from .jp IPs Steve McChortle
Re: ERROR! daq_static library not found Joel Esler
Re: [Emerging-Sigs] Attack from .jp IPs Miso Patel
Re: New Sig Doc is one giant file? Andy Berryman
Re: New Sig Doc is one giant file? Nigel Houghton
Re: [Emerging-Sigs] Attack from .jp IPs Eoin Miller

Wednesday, 08 December

Re: Linux recommendations Kevin Ross
Re: Readers of the VRT blog Mike Lococo
Re: [Emerging-Sigs] which SQL injection detection rule is best when considering performance, false-positive, real attack Martin Holste
Re: Readers of the VRT blog Kevin Ross
Re: [Emerging-Sigs] Attack from .jp IPs evilghost () packetmail net
Re: [Emerging-Sigs] Attack from .jp IPs Josh Little
Housekeeping Joel Esler
Re: [Emerging-Sigs] Attack from .jp IPs Tom Le
Re: [Emerging-Sigs] Attack from .jp IPs Jamie Riden
Are commas allowed in signature descriptions? Paul Halliday
Re: Are commas allowed in signature descriptions? Alex Kirk
Re: Ourmon Jefferson, Shawn
Re: [Snort-users] Ourmon Andres Carrera
Re: [Snort-users] Ourmon Edward Fjellskål
Re: Issues with the Snort Manual (Patch) Ryan Jordan

Thursday, 09 December

Re: Issues with the Snort Manual (Patch) Joshua.Kinard
Re: Are commas allowed in signature descriptions? waldo kitty
Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman
Re: Snort preprocessor perfmonitor Andres Carrera Rivera
Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman
Re: Are commas allowed in signature descriptions? Alex Kirk
Re: [PATCHES] Fixes for daq_nfq Russ Combs
Rate limiting alerts Mike Kun
Re: Rate limiting alerts Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-12-09 Research

Friday, 10 December

Re: Ourmon Alex Tatistcheff
Confusion on Protocol Mismatch Lay, James
Re: Confusion on Protocol Mismatch Weir, Jason
Re: Confusion on Protocol Mismatch Ryan Jordan
Re: Confusion on Protocol Mismatch Lay, James
How do I filter either Kiwi Syslog or Snort to stop this recurring Auth_Alert? Matt Lenco
Re: How do I filter either Kiwi Syslog or Snort to stop this recurring Auth_Alert? Joel Esler
Re: How do I filter either Kiwi Syslog or Snort to stop this recurring Auth_Alert? Lay, James
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Ross Lawrie
Binary File Processed Nicely but Alerts Not Showing Up in Kiwi Matt Lenco
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Russ Combs
Re: Binary File Processed Nicely but Alerts Not Showing Up in Kiwi Joel Esler
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems JJC

Saturday, 11 December

Re: Binary File Processed Nicely but Alerts Not Showing Up in Kiwi Michael Steele
Distributed Snort possibility? turki
Re: Distributed Snort possibility? Kevin Ross

Sunday, 12 December

Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Randal T. Rioux
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems Randal T. Rioux
Re: Snort 2.9.0.1 & OpenBSD 4.8 build problems JJ Cummings

Monday, 13 December

Re: Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Sujit Ghosal
Zero Kiwi Log Output But SSL Preprocessor Finds 84 Server Application Alerts Matt Lenco
IPv6 Teredo tunneling crashing snort? Ufi
Re: IPv6 Teredo tunneling crashing snort? Ryan Jordan
Re: IPv6 Teredo tunneling crashing snort? Ufi
Re: Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Joel Esler
Re: Zero Kiwi Log Output But SSL Preprocessor Finds 84 Server Application Alerts Joel Esler
Re: Zero Kiwi Log Output But SSL Preprocessor Finds 84 Server Application Alerts Matt Lenco
Re: IPv6 Teredo tunneling crashing snort? Russ Combs

Tuesday, 14 December

Minor corrections to the 2.9.0.2 manual Joshua.Kinard
Re: Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Sujit Ghosal
Re: Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Joel Esler
Re: Snort doesn't trigger while the payload size is big (even for ~4-5KB files) Sujit Ghosal
Tagged packets alerts Kungu Panda
Re: Tagged packets alerts Joel Esler
Re: Tagged packets alerts Kungu Panda
Snort.org has a new blog! Joel Esler
Re: [Snort-devel] Snort.org has a new blog! Castle, Shane
snort rule 128-6 reporting but no description at VRT Lawrence R. Hughes, Sr.
Re: [Snort-devel] Snort.org has a new blog! Joel Esler
Re: snort rule 128-6 reporting but no description at VRT Ryan Jordan
snort Port Based Pattern Matching Memory Lawrence R. Hughes, Sr.
Re: snort Port Based Pattern Matching Memory Joel Esler
Sourcefire VRT Certified Snort Rules Update 2010-12-14 Research
Re: snort Port Based Pattern Matching Memory Lawrence R. Hughes, Sr.
Re: snort Port Based Pattern Matching Memory Joel Esler
Richard Tyrrell/Telford/Syan Ltd is out of the office. Richard Tyrrell
Re: Snort.org has a new blog! Joel Esler
Re: Snort.org has a new blog! Jamie Riden

Wednesday, 15 December

snort memory resident Lawrence R. Hughes, Sr.
How do I automate reading multiple captures? Matt Lenco
Snort libmysql error Azher Mughal
More packet drops Lay, James
Re: Snort libmysql error vincent
Re: Snort libmysql error Azher Mughal
Re: Snort libmysql error vincent
Re: How do I automate reading multiple captures? Joel Esler

Thursday, 16 December

Snort 2.9 + Debian Alejandro Cabrera Obed
Re: Snort 2.9 + Debian Nick Moore
Re: Snort 2.9 + Debian Russ Combs
snort SID 119-15 Lawrence R. Hughes, Sr.
Re: snort SID 119-15 Sandro guly Zaccarini
Re: snort SID 119-15 JJC
Re: snort SID 119-15 Nigel Houghton
Re: Snort 2.9 + Debian Joel Esler
No bridging support with Daq? NA
Re: No bridging support with Daq? Russ Combs
congratulations to snort! for getting the sourceforge.net project of the month! waldo kitty
Re: No bridging support with Daq? Jason Wallace
Re: No bridging support with Daq? Russ Combs
Re: No bridging support with Daq? Jason Wallace
Re: No bridging support with Daq? Russ Combs
Re: Minor corrections to the 2.9.0.2 manual Ryan Jordan
Re: No bridging support with Daq? NA
snort stream5 small_segments x bytes x Lawrence R. Hughes, Sr.
Re: No bridging support with Daq? Jason Wallace
Question regarding distances after a byte_jump... evejou
Re: Question regarding distances after a byte_jump... evejou

Friday, 17 December

Re: No bridging support with Daq? NA
Re: Question regarding distances after a byte_jump... Joel Esler
Re: No bridging support with Daq? Gisle Vanem
Re: congratulations to snort! for getting the sourceforge.net project of the month! Joel Esler
Re: Question regarding distances after a byte_jump... evejou
Re: Question regarding distances after a byte_jump... Joel Esler
I'm overwhelmed by all this, but determined. Perhaps a little direction? Barry Demers
Re: [Emerging-Sigs] congratulations to snort! for getting thesourceforge.net project of the month! evilghost () packetmail net
Re: Are commas allowed in signature descriptions? Matthew Jonkman
[PATCH 1/1] daq_nfq: fix cfg->timeout usage and remove extra select call Florian Westphal
Re: More packet drops Kevin Ross
Re: [PATCH 1/1] daq_nfq: fix cfg->timeout usage and remove extra select call Russ Combs
Re: [PATCH 1/1] daq_nfq: fix cfg->timeout usage and remove extra select call Florian Westphal
Re: No bridging support with Daq? Ryan Jordan
Re: No bridging support with Daq? Ryan Jordan
Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified JS
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Kevin Ross
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified JS
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Eoin Miller
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified JS
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Russ Combs
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Eoin Miller
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Russ Combs
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Joel Esler
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassified Joel Esler
Snort 2.9.0.3 is coming soon! Joel Esler
Security Analogies Crook, Parker
Re: Minor corrections to the 2.9.0.2 manual Joshua.Kinard
Re: Snort 2.9.0.3 is coming soon! Joel Esler
Re: Minor corrections to the 2.9.0.2 manual Joel Esler
Undocumented parameters to the 'flow' option? Joshua.Kinard
Re: Security Analogies Joel Esler

Saturday, 18 December

Re: Undocumented parameters to the 'flow' option? Joel Esler

Sunday, 19 December

unclassified alerts Michael Lubinski

Monday, 20 December

Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Jun Wan
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Randal T. Rioux
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Jun Wan
Re: unclassified alerts Joel Esler
Rules for Snort 2.9.0.2 Alejandro Cabrera Obed
Error: Can't Initialize DAQ pcap (-1) bad dump file format Matt Lenco
Snort 2.9 versions to choose J. L. Cabral
Re: Snort 2.9 versions to choose J. L. Cabral
Re: Snort 2.9 versions to choose Joel Esler
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Jefferson, Shawn
Re: Linux recommendations CunningPike
Sourcefire VRT Certified Snort Rules Update 2010-12-20 Research
Snort 2.9.0.3 Now Available Snort Releases
Snort 2.9.0.3 Now Available Snort Releases
Re: Rules for Snort 2.9.0.2 Joel Esler
Best practices for very high volume install.. Wil Schultz
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Jun Wan
Re: Best practices for very high volume install.. Castle, Shane
Re: Best practices for very high volume install.. Joe Pampel

Tuesday, 21 December

[PATCH]: Add "iis_encode" parameter to manual for http_encode Joshua.Kinard
[PATCH]: Change reserved bits in flags keyword to match RFC 3168 Joshua.Kinard
Re: Best practices for very high volume install.. Joel Esler
Re: [PATCH]: Add "iis_encode" parameter to manual for http_encode Joel Esler
Re: [PATCH]: Change reserved bits in flags keyword to match RFC 3168 Joel Esler
Re: Snort 2.9.0.3 Now Available vincent
Re: [PATCH]: Add "iis_encode" parameter to manual for http_encode Joel Esler
Re: [PATCH]: Change reserved bits in flags keyword to match RFC 3168 Joel Esler
FATALs with snort-2.9.0.3 Lay, James
snort prune open sessions Lawrence R. Hughes, Sr.
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman
Re: snort prune open sessions Joel Esler
-pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Matt Lenco
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Joel Esler
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Matt Lenco
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Joel Esler
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman
snort DCE/RPC reassemble_threshold Lawrence R. Hughes, Sr.
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Matt Lenco
Re: snort DCE/RPC reassemble_threshold Ryan Jordan
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Joel Esler
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Matt Lenco
Re: snort DCE/RPC reassemble_threshold Lawrence R. Hughes, Sr.
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Joel Esler
Re: snort DCE/RPC reassemble_threshold Ryan Jordan
Tweak mysql database Atkins, Dwane P
Re: Tweak mysql database Dustin Webber
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Jefferson, Shawn
Re: Best practices for very high volume install.. Jefferson, Shawn
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Matt Lenco
Re: Best practices for very high volume install.. Weir, Jason
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Joel Esler
Re: Best practices for very high volume install.. Jefferson, Shawn
Re: Best practices for very high volume install.. Crook, Parker
Re: Best practices for very high volume install.. Matthew Jonkman
Re: Undocumented parameters to the 'flow' option? Joshua.Kinard
Re: Undocumented parameters to the 'flow' option? Joel Esler
[PATCH]: Re-word uricontent's description a bit more in the manual Joshua.Kinard
[PATCH]: Add missing semi-colons to manual for a few options Joshua.Kinard
Snort CVSweb broke? Joshua.Kinard

Wednesday, 22 December

Re: [PATCH]: Re-word uricontent's description a bit more in the manual Joel Esler
Re: [PATCH]: Add missing semi-colons to manual for a few options Joel Esler
Re: Snort CVSweb broke? Joel Esler
Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Joel Esler
Rule Migration Cheat Sheet? Hayes, Bert (ISO)
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 evilghost () packetmail net
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 evilghost () packetmail net
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 evilghost () packetmail net
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Lay, James
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman
Re: Rule Migration Cheat Sheet? Joel Esler
ATTN: Snort Package Maintainers! Joel Esler
Analyzing SNORT output and Alerts in Kiwi Syslog Matt Lenco
Re: -pcap-dir=c:\Network_Device_Logs -pcap-show isn't working, hangs at "commencing packet processing" Joel Esler
Re: [Spam] Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Lay, James
Re: Rule Migration Cheat Sheet? Crook, Parker
Snort with two instances J. L. Cabral
Re: Snort with two instances Eoin Miller
Sourcefire VRT Certified Snort Rules Update 2010-12-22 Research
Re: Snort with two instances Castle, Shane
Re: Snort with two instances David C. Maple
Re: Snort with two instances Lay, James
Re: Rule Migration Cheat Sheet? Joel Esler
Re: Rule Migration Cheat Sheet? Eoin Miller
Re: Rule Migration Cheat Sheet? Joel Esler

Thursday, 23 December

Snort populates Mysql a lot J. L. Cabral
Re: Snort populates Mysql a lot Joel Esler
Re: Snort populates Mysql a lot Dustin Webber
gen-msg.map missing entries for ssl preprocessor? Kungu Panda
Fwd: gen-msg.map missing entries for ssl preprocessor? Joel Esler
Re: Snort populates Mysql a lot evilghost () packetmail net
Re: gen-msg.map missing entries for ssl preprocessor? Matt Watchinski
HTTP Headers Not Seen in SNORT Post-Processing Logs Though HTTP 443 is Exploited Matt Lenco
Re: Snort populates Mysql a lot Gregory Zill
Re: Snort populates Mysql a lot J. L. Cabral
Re: Snort populates Mysql a lot Matt Watchinski
Re: Snort populates Mysql a lot Joel Esler
Re: [Emerging-Sigs] New Classification System Proposal Joel Esler
Re: [Snort-sigs] [Emerging-Sigs] New Classification System Proposal Joel Esler
Re: [Snort-sigs] [Emerging-Sigs] New Classification System Proposal Victor Julien
Re: [Emerging-Sigs] New Classification System Proposal Matthew Jonkman
Re: [Snort-sigs] [Emerging-Sigs] New Classification System Proposal Matthew Jonkman
Re: [Snort-sigs] [Emerging-Sigs] New Classification System Proposal Joel Esler
Re: [Emerging-Sigs] New Classification System Proposal Paul Halliday
Re: [Emerging-Sigs] New Classification System Proposal Joel Esler
Re: [Emerging-Sigs] New Classification System Proposal Joel Esler
New Proposed Classification.config file setup Joel Esler
Re: [Emerging-Sigs] New Classification System Proposal Randal T. Rioux

Friday, 24 December

Re: New Proposed Classification.config file setup Martin Roesch
Re: New Proposed Classification.config file setup Joshua.Kinard
Re: New Proposed Classification.config file setup Joel Esler
Re: [Emerging-Sigs] [Snort-sigs] New Classification System Proposal Darren Spruell
SQueRT 0.7b Released. Paul Halliday
New snort install ipvar issue James Lay
Re: New snort install ipvar issue John Gay
Re: New snort install ipvar issue James Lay
Re: New snort install ipvar issue John Gay
Re: New snort install ipvar issue James Lay
Re: New snort install ipvar issue John Gay
Re: New snort install ipvar issue James Lay
Re: Snort with two instances Mike Lococo

Saturday, 25 December

Re: Snort 2.9.0.2 / barnyard2 / base 1.4.5 signature not displayed and is unclassifiede Jun Wan

Sunday, 26 December

AIX Snort / libdnet Update Randal T. Rioux
Re: Snort 2.9.0.3 Now Available Azher Mughal
Re: [Emerging-Sigs] New Proposed Classification.config file setup Martin Holste
Re: Snort 2.9.0.3 Now Available vincent
Re: Snort 2.9.0.3 Now Available waldo kitty

Monday, 27 December

Re: Snort 2.9.0.3 Now Available Leon Ward
Re: Snort 2.9.0.3 Now Available vincent
Re: Snort 2.9.0.3 Now Available Edward Fjellskål
Re: [Emerging-Sigs] New Proposed Classification.config file setup Martin Roesch
Re: [Emerging-Sigs] [Snort-devel] New Proposed Classification.config file setup Martin Holste
Get warnings in real-time J. L. Cabral
Re: [Emerging-Sigs] New Proposed Classification.config file setup Frank Knobbe
Re: [Emerging-Sigs] New Proposed Classification.config file setup Joshua.Kinard

Tuesday, 28 December

Re: Snort 2.9.0.3 Now Available waldo kitty
Re: New Proposed Classification.config file setup Crusty Saint
Re: [Emerging-Sigs] New Proposed Classification.config file setup Gregory W. MacPherson
Re: Snort 2.9.0.3 Now Available Joel Esler
Re: Snort 2.9.0.3 Now Available vincent
Stream5 confusion Lay, James
Re: [Emerging-Sigs] New Proposed Classification.config file setup Martin Holste
Re: Stream5 confusion Eric L. Howard
Re: Stream5 confusion Lay, James

Wednesday, 29 December

Re: Snort 2.9.0.3 Now Available James Kaufman
Re: Snort 2.9.0.3 Now Available Joel Esler
Patch to running Snort on Solaris 10 SPARC Stephan
Duplicate sids (again) Lay, James
Re: Patch to running Snort on Solaris 10 SPARC Joel Esler
Multiple rule issues after upgrade Lay, James
Re: [Emerging-Sigs] Duplicate sids (again) Weir, Jason
Re: [Emerging-Sigs] Multiple rule issues after upgrade Joel Esler
Re: [Emerging-Sigs] Duplicate sids (again) Matthew Jonkman
Re: [Emerging-Sigs] Multiple rule issues after upgrade Matthew Jonkman
Re: [Emerging-Sigs] Multiple rule issues after upgrade Lay, James
Re: [Emerging-Sigs] Multiple rule issues after upgrade L0rd Ch0de1m0rt
Disabling Snort signatures with Oinkmster J. L. Cabral
Re: Disabling Snort signatures with Oinkmster John Gay
Re: Disabling Snort signatures with Oinkmster Weir, Jason
Re: Snort 2.9.0.3 Now Available vincent
Unsubscribe Tami.McGee () ftb ca gov McGee.Tami
Re: Unsubscribe Tami.McGee () ftb ca gov Rob MacGregor
New snort.conf Crook, Parker
Re: New snort.conf Joel Esler
Re: Unsubscribe Tami.McGee () ftb ca gov Randal T. Rioux
Re: Unsubscribe Tami.McGee () ftb ca gov Castle, Shane

Thursday, 30 December

Re: Unsubscribe Tami.McGee () ftb ca gov Randal T. Rioux
Re: New snort.conf Eoin Miller
too many Alerts (129:12:0)---more than 7000 alerts /per day Jun Wan
Re: too many Alerts (129:12:0)---more than 7000 alerts /per day James Lay
Snort instance crashes J. L. Cabral
Re: Disabling Snort signatures with Oinkmster J. L. Cabral
Re: Snort instance crashes J. L. Cabral
Re: Snort populates Mysql a lot J. L. Cabral
Re: Snort instance crashes evilghost () packetmail net
Re: too many Alerts (129:12:0)---more than 7000 alerts /per day Matt Watchinski
Re: Snort instance crashes Bhagya Bantwal
Re: New snort.conf Crook, Parker
Re: New snort.conf Joel Esler

Friday, 31 December

Re: Disabling Snort signatures with Oinkmster waldo kitty

Saturday, 01 January

Re: too many Alerts (129:12:0)---more than 7000 alerts /per day Jun Wan
Re: too many Alerts (129:12:0)---more than 7000 alerts /per day Jun Wan
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault