[Snort-users] FPs on 13711-13713

Castle, Shane scastle at ...14946...
Thu Aug 26 16:12:11 EDT 2010


The recently added rules 13711, 13712, and 13713 all exhibit FP behavior
for the google chat application, google Talk, using XMPP. 

Attached are pcaps.

--
Shane Castle
Data Security Mgr, Boulder County IT
GSEC GCIH
303-441-3953


-------------- next part --------------
A non-text attachment was scrubbed...
Name: base_packet_7-2400725.pcap
Type: application/octet-stream
Size: 211 bytes
Desc: base_packet_7-2400725.pcap
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100826/66f0a1f7/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: base_packet_7-2400723.pcap
Type: application/octet-stream
Size: 211 bytes
Desc: base_packet_7-2400723.pcap
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100826/66f0a1f7/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: base_packet_7-2400724.pcap
Type: application/octet-stream
Size: 211 bytes
Desc: base_packet_7-2400724.pcap
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100826/66f0a1f7/attachment-0002.obj>


More information about the Snort-users mailing list