[Snort-users] Snort Alert Help for Rule : SID=2
naman.latif at ...10264...
Thu Dec 4 09:26:06 EST 2003
My config file is
preprocessor stream4: detect_scans, ttl_limit , memcap 
I thought the default settings are
detect_state_problems is OFF
disable_evasion_alerts is OFF
So I don't have "detect_state_problems" activated. Maybe it's the
"evasion_alerts" plugin causing these alerts ? I will try disabling
From: Jeff Dell [mailto:jdell at ...1095...]
That would be the Stream 4 Preprocessor that is creating the alert.
The option "detect_state_problems" is what is triggering this event.
More information about the Snort-users