[Snort-sigs] 5910 False positive

Joel Esler joel.esler at ...435...
Wed Nov 29 10:18:02 EST 2006


It would be better if a pcap could be provided, the bin file is just a text dump of the packet.

J


On Sat, Nov 18, 2006 at 06:52:10PM -0700, it looks like James Lay sent me:
> Here the template and bin file from base.
> 
> James
> 



> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys - and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs





+---------------------------------------------------------------------+
joel esler          senior security consultant         1-706-627-2101
Sourcefire    Security for the /Real/ World -- http://www.sourcefire.com
       Snort - Open Source Network IPS/IDS -- http://www.snort.org
         gpg key: http://demo.sourcefire.com/jesler.pgp.key
           aim:eslerjoel  ymsg:eslerjoel gtalk:eslerj
+---------------------------------------------------------------------+




More information about the Snort-sigs mailing list