[Snort-users] Strange..

Briggs, Bruce Bruce.Briggs at ...13183...
Fri Mar 18 16:22:02 EST 2005


Can't help with your 1st question.
 
 
For the lookups- in acid_conf.php change:
"snort" => array("http://www.snort.org/snort-db/sid.html?sid=", ""), 
to:
"snort" => array("http://www.snort.org/pub-bin/sigs.cgi?sid=", ""),
 
Bruce

  _____  

From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Marc
Hering
Sent: Friday, March 18, 2005 5:06 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Strange..


Hey, Ever since they shut down the direct snort lookup from ACID my life
has sucked....  Anyway, I am getting LOTS of these errors.
(spp_stream4) possible EVASIVE RST detection
 
Are they normal *(We are an ASP, so people hit our database via the
website all day long)*  and if so where would this rule be soI can
comment it out?
 
Thanks!
 
 
(Also how can I fix the ACID rule lookup?)
 
Thaks
 
Marc Hering
Manager of Network Operations
Reval
100 Broadway 22nd Floor
New York, NY 10005
Direct: 212-901-9710
Fax: 212-901-9797
www.reval.com <http://www.reval.com/> 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20050318/59188ce9/attachment.html>


More information about the Snort-users mailing list