[Snort-users] New Snort 2.2 Rules

Walt Rich walt.rich at ...12648...
Wed Sep 14 13:27:30 EDT 2005


I updated the Snort rules to the latest available on Souceforge's site.
They wre auite out of date, and almost a year old.  Snort is up and
running, but has become very queit!  It used to detect alot of false
positives, which were a pain, but at least I knew it was working.  Now
it is very, very quiet, and hasn't detected anything in over 2 hours.
Is it possible that the rule writers have become so good that the
detection of false positives has been almost eliminated?  Has anyone
else experienced anything similar?  Any input is greatly appreciated.
 
Thanks! 
 
	 
________________________________

| Walt Rich | Sr. Network Engineer | Parago, Inc. | 972.538.7253 | 
walt.rich at ...12648... |
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20050914/05f6d54b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: parago_logo_for_email.gif
Type: image/gif
Size: 976 bytes
Desc: parago_logo_for_email.gif
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20050914/05f6d54b/attachment.gif>


More information about the Snort-users mailing list