[Snort-users] MySQL support for Snort 2.9.4

Joel Esler jesler at ...1935...
Tue Dec 11 14:11:09 EST 2012


You aren't generating any alerts because of:

On Dec 11, 2012, at 2:06 PM, Kaya Saman <kayasaman at ...11827...> wrote:

> Bad Chk Sum:      9421212 ( 50.311%)

Try adding -k none to your Snort command line and see if you get anything logged that way. 


> Action Stats:
>     Alerts:            0 (  0.000%)
>     Logged:            0 (  0.000%)
>     Passed:            0 (  0.000%)


See, nothing alerted.

Also, you might want to use PulledPork to manage your ruleset, as it looks like you have a bunch of unresolved flowbit issues.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
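
The check described in this reply, written as an added example (not code from the post or from the Snort project): it parses the counters quoted above and flags the combination of a high bad-checksum share with zero alerts and logs. The function names, the 5% threshold and the sample layout around the quoted counters are assumptions made for illustration.

```python
import re

# Constructed sample: the counter values are the ones quoted in the thread;
# the exact surrounding layout of Snort's shutdown statistics is assumed.
SAMPLE_STATS = """\
Bad Chk Sum:      9421212 ( 50.311%)
Action Stats:
    Alerts:            0 (  0.000%)
    Logged:            0 (  0.000%)
    Passed:            0 (  0.000%)
"""

# Matches "Name:   count ( pct%)" as it appears in the quoted output.
COUNTER_RE = re.compile(
    r"^\s*([A-Za-z][A-Za-z ]*?):\s+(\d+)\s+\(\s*([\d.]+)%\)\s*$"
)


def parse_counters(text):
    """Return {name: (count, percent)} for every counter line in the text."""
    counters = {}
    for line in text.splitlines():
        m = COUNTER_RE.match(line)
        if m:
            counters[m.group(1).strip()] = (int(m.group(2)), float(m.group(3)))
    return counters


def diagnose(text, bad_pct_threshold=5.0):
    """Flag the pattern from the thread: many bad checksums, nothing alerted.

    bad_pct_threshold is a hypothetical cut-off, not a Snort default.
    """
    c = parse_counters(text)
    bad_count, bad_pct = c.get("Bad Chk Sum", (0, 0.0))
    alerts = c.get("Alerts", (0, 0.0))[0]
    logged = c.get("Logged", (0, 0.0))[0]
    findings = []
    if bad_pct >= bad_pct_threshold:
        findings.append(f"{bad_count} packets ({bad_pct}%) had bad checksums")
        if alerts == 0 and logged == 0:
            findings.append("no alerts or logs: rerun Snort with -k none to confirm")
    return findings


if __name__ == "__main__":
    for finding in diagnose(SAMPLE_STATS):
        print(finding)
```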