[Snort-users] Snort Signature Database

Stephan Scholz sscholz at ...9753...
Tue Aug 8 08:11:26 EDT 2006


This alert is not generated by a signature, but rather by a Snort preprocessor.
Details on alerts of preprocessors can be found in the according documentation,
e.g. doc/README.http_inspect

Stephan

Than Yu Jin wrote:
> Hi all,
> 
>  
> 
> Does anyone know is there any more snort signature database other than
> http://www.snort.org/pub-bin/sigs.cgi
> 
> I realize this database does not include all the definition for the
> attack alerts.
> 
>  
> 
> Eg, (http_inspect) BARE BYTE UNICODE ENCODING
> 
>  
> 
> Even I receive alerts, but I could not do any action since it is unknown
> classification.
> 
>  
> 
> It will be good, if the others snort signature database will be same as
> this
> 
> http://www.snort.org/pub-bin/sigs.cgi?sid=2649
> 
>  
> 
> Thank You.....
> 
>  
> 
> Regards,
> 
> Eugene
> 
> IT Security, OPUS/IT
> 
> 03 - 27306653 (ext: 653)
> 
>  
> 
> Data Classification:* 2*
> [ 0-Public  1-Internal  2-Confidential (authorization required) 
> 3-Strictly Confidential ]
> 
> /This message is intended solely for the addressee. It is confidential
> and may be legally privileged. Access to this message by anyone is
> unauthorized. Unauthorized use is strictly prohibited and may be
> unlawful.  If you are not the intended recipient, any disclosure,
> copying, or distribution of the message, or any action or omission taken
> by you in reliance on it, except for the purpose of the delivery to the
> addressee, is prohibited and may be unlawful. Any confidentiality or
> privilege is not waived or lost because this mail has been sent to by
> mistake./
> 
>  
> 
> This e-mail and any attachments therewith are intended only for the use
> of the address. This e-mail may contain confidential and privileged
> information. Any unauthorized use, copying or disclosure of information
> contained in this e-mail or its attachments is strictly prohibited and
> may be unlawful. If you have received this e-mail in error, please
> contact the sender via return e-mail and delete this e-mail and
> attachments thereafter. Any confidentiality or privilege is not waived
> or lost because this e-mail has been sent to you by mistake. Any
> liability for viruses is excluded to the fullest extent permitted by law.
> 
>  
> 
> 
> ------------------------------------------------------------------------
> 
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users


-- 

Stephan Scholz

sscholz at ...9753... | Development
Astaro AG | www.astaro.com | Phone +49-721-25516-0
Fax +49-721-25516-200
Amalienbadstraße 36 / Bau 33a | 76227 Karlsruhe | Germany

- PC Magazine Best of the Year 2004/2005
- CRN Best of the Year 2005
- SC Magazine "Best Buy" & 5 star rating - October 2005, Best of the Year 2005
- Internet Professionell "Empfehlung der Redaktion" - November 2005





More information about the Snort-users mailing list