[Snort-users] Looking for info re: snort rules hard coded i.e.[119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING

Bruce L. Donlin BLDonlin at ...12339...
Fri Aug 27 05:43:13 EDT 2004


Is there an easy way of getting information regarding the alerts
generated by snort, but not documented in the snort signature database?
 
Examples:
 [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING 
 [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING 
 [119:2:1] (http_inspect) DOUBLE DECODING ATTACK 
 
Bruce L. Donlin
The Barrier Group

 

email: BLDonlin at ...12339...
 
Phone Main:  763.422.3776
Fax               763.421.6454
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040827/8c5e67a3/attachment.html>


More information about the Snort-users mailing list