[Snort-users] Cannot find alert

JJC cummingsj at ...11827...
Wed Feb 9 13:04:49 EST 2011


On Wed, Feb 9, 2011 at 10:59 AM, Michael Lubinski
<michael.lubinski at ...11827...> wrote:
> I cannot find this alert for the life of me;
> "DNS SPOOF query response with TTL of 1 min. and no authority"
> using the command;
> grep -i "INSERT NUMEROUS SYNTAX'S" /etc/snort/gen-msg.map
> I seem to keep having issues finding certain alerts at times. Am I looking
> in the wrong place or is my .map file incorrect?
> ------------------------------------------------------------------------------
> The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
> Pinpoint memory and threading errors before they happen.
> Find and fix more than 250 security defects in the development cycle.
> Locate bottlenecks in serial and parallel code that limit performance.
> http://p.sf.net/sfu/intel-dev2devfeb
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>

Try the sid-msg.map




More information about the Snort-users mailing list