[Snort-sigs] Lots of triggers from NETBIOS SMB SMB_COM_TRANSACTION Max Data Count of 0 DOS Attempt

Johnathan Norman jnorman at ...1256...
Wed Apr 23 22:06:04 EDT 2003


On Wed, Apr 23, 2003 at 01:40:44AM -0400, Brian wrote:
> On Tue, Apr 22, 2003 at 10:59:24PM -0500, Johnathan Norman wrote:
> > They are false positives. I have had the same problem. My sensors updated this weekend 
> > and when i came into the office monday we had a few thousand events.
> 
> Can you guys try the suggestion I made here:
> 
>    http://marc.theaimsgroup.com/?l=snort-sigs&m=105004489606354&w=2
> 
> And let me know?
> 
> -brian

That seems to fix the problem.

-- 
Johnathan Norman, SCNA,CCSP       Office: 713.484.8383
Network Security Specialist       Email: JNorman at ...1256...
Alert Logic, Inc.                 http://www.alertlogic.net





More information about the Snort-sigs mailing list