[Snort-users] Safety tip for ACID users :-)

Jason Haar Jason.Haar at ...294...
Mon Oct 1 16:51:02 EDT 2001

Beware! ACID and Snort can become vile enemies at the drop of a hat.

I just noticed (via snort) that we had tonnes of hits on "WEB-MISC
readme.eml attempt". Looking at it I saw that 99.99% of them came from the
ACID server itself! 

... of course the rule matches on web pages containing the string

So, back to running ACID over https like I always should have been... :-}


Jason Haar

Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417

More information about the Snort-users mailing list