[Snort-users] alert file problem

Ganu Skop skopganu at ...131...
Thu Jun 20 00:17:02 EDT 2002


hi all,
lately been getting an alert file with wrong
classification - it doesn't match
classification-config at all such as (syslog file)

Jun 20 11:13:12 xxx host: [1:1765:2] WEB-CGI Nortel
Contivity cgiproc access [Classification: \240m)]
[Prio
rity: 2]: {TCP} x.x.x.x:3455 -> y.y.y.y:80

Jun 20 11:13:13 xxx host: [1:1215:5] WEB-CGI ministats
admin access [Classification: \240m)] [Priority: 2]:
 {TCP} x.x.x.x:3482 -> y.y.y.y:80


it stated that [Classification: \240m)] - any idea ?


=====
//skopganu

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com




More information about the Snort-users mailing list