[Snort-users] New Snort 2.2 Rules

Walt Rich walt.rich at ...12648...
Wed Sep 14 13:27:30 EDT 2005

I updated the Snort rules to the latest available on Souceforge's site.
They wre auite out of date, and almost a year old.  Snort is up and
running, but has become very queit!  It used to detect alot of false
positives, which were a pain, but at least I knew it was working.  Now
it is very, very quiet, and hasn't detected anything in over 2 hours.
Is it possible that the rule writers have become so good that the
detection of false positives has been almost eliminated?  Has anyone
else experienced anything similar?  Any input is greatly appreciated.

| Walt Rich | Sr. Network Engineer | Parago, Inc. | 972.538.7253 | 
walt.rich at ...12648... |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20050914/05f6d54b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: parago_logo_for_email.gif
Type: image/gif
Size: 976 bytes
Desc: parago_logo_for_email.gif
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20050914/05f6d54b/attachment.gif>

More information about the Snort-users mailing list