[Snort-users] Cannot find alert

Michael Lubinski michael.lubinski at ...11827...
Wed Feb 9 12:59:27 EST 2011


I cannot find this alert for the life of me;

"DNS SPOOF query response with TTL of 1 min. and no authority"

using the command;

grep -i "INSERT NUMEROUS SYNTAX'S" /etc/snort/gen-msg.map

I seem to keep having issues finding certain alerts at times. Am I looking
in the wrong place or is my .map file incorrect?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20110209/eb2272a8/attachment.html>


More information about the Snort-users mailing list