[Snort-users] id check returned root ?!?!
hackerwacker at ...3784...
Sat Jun 28 15:38:03 EDT 2003
My system admin uses the command "id" a lot on BSDi, which triggers
this rule. It's a great way to keep track of where he is.
More information about the Snort-users