[Snort-users] Question about Line in Logfile...

Chris Green cmg at ...1935...
Mon Jul 28 09:18:09 EDT 2003


Erek Adams <erek at ...950...> writes:

>> 07/23-00:18:28.945319  [**] [1:0:0] Test [**] [Priority: 0] {TCP}\
>> 217.224.228.216:33137 -> 81.57.63.19:2234
[...]
>
> Something's not right about that though, as there is no SID 0.  Do you
> have sid-msg.map and gen-msg.map correctly installed?

That's the default behavior of a rule with no sid: or rev: option
-- 
Chris Green <cmg at ...1935...>
Chicken's thinkin'




More information about the Snort-users mailing list