[Snort-users] Looking for info re: snort rules hard coded i.e.[119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING

Brian bmc at ...950...
Fri Aug 27 13:35:16 EDT 2004

On Thu, Aug 26, 2004 at 10:37:35AM -0500, Bruce L. Donlin wrote:
> Is there an easy way of getting information regarding the alerts
> generated by snort, but not documented in the snort signature database?
> Examples:
>  [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING 


>  [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING 


>  [119:2:1] (http_inspect) DOUBLE DECODING ATTACK 



More information about the Snort-users mailing list