[Snort-users] Strange..

Briggs, Bruce Bruce.Briggs at ...13183...
Fri Mar 18 16:22:02 EST 2005

Can't help with your 1st question.
For the lookups- in acid_conf.php change:
"snort" => array("http://www.snort.org/snort-db/sid.html?sid=", ""), 
"snort" => array("http://www.snort.org/pub-bin/sigs.cgi?sid=", ""),


From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Marc
Sent: Friday, March 18, 2005 5:06 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Strange..

Hey, Ever since they shut down the direct snort lookup from ACID my life
has sucked....  Anyway, I am getting LOTS of these errors.
(spp_stream4) possible EVASIVE RST detection
Are they normal *(We are an ASP, so people hit our database via the
website all day long)*  and if so where would this rule be soI can
comment it out?
(Also how can I fix the ACID rule lookup?)
Marc Hering
Manager of Network Operations
100 Broadway 22nd Floor
New York, NY 10005
Direct: 212-901-9710
Fax: 212-901-9797
www.reval.com <http://www.reval.com/> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20050318/59188ce9/attachment.html>

More information about the Snort-users mailing list