[Snort-users] Snort only produces Steam5 alerts

Jefferson Diego Diede jeffersondiego8 at ...11827...
Sat Sep 28 08:02:48 EDT 2013


Are you using the full ruleset?



*Best Regards,*



Jefferson *“**Diede”* Diego

*Linux System Administrator*



                        Enviado via iPhone

Em 27/09/2013, às 17:28, Joe Seanor <joseph.seanor at ...11827...> escreveu:

I have a new install of snort:

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.3.1 IPv6 GRE (Build 40)
   ''''    By Martin Roesch & The Snort Team:
http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2012 Sourcefire, Inc., et al.
           Using libpcap version 1.4.0
           Using PCRE version: 8.30 2012-02-04
           Using ZLIB version: 1.2.7


And it has run for a full 24 hours, and the only alert (50 of them) that I
have is stream5: Reset outside window.  I even ran an external Nmap scan,
and I received a "Portscan alert" and then everything else showed up as a
stream5 alert.

What did I miss in my configuration?

Joe

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most
from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort
news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130928/370278e1/attachment.html>


More information about the Snort-users mailing list