[Snort-users] Snort Alert [1:1000001:1]

Michael Brown mike.a.brown09 at ...11827...
Wed Feb 19 16:03:30 EST 2014


Normally that is created to test snort after you configure and set it up
for the first time.

---
Thank you,

Michael A. Brown
mike.a.brown09 at ...11827...
(757) 912-0836
M.S. Forensic Studies: Computer Forensics
B.S. Information Technology: Network Specialist

"The only thing necessary for the triumph of evil is for good men to do
nothing" -Edmund Burke


On Wed, Feb 19, 2014 at 3:24 PM, Jeremy Hoel <jthoel at ...11827...> wrote:

> This looks like a custom rule that you wrote ( the SID is not a normal
> one, check local.rules) and the problem is that the sid map didn't get
> updated, probably because you don't run a rule management tool; pulledpork
> for example?
>
>
> On Wed, Feb 19, 2014 at 12:02 PM, Angel Chiriboga Torres <
> angel.chiriboga at ...15848...> wrote:
>
>> Hi everyone,
>>
>>
>>
>> I need your help with a problem with Snort. All the events appear like
>> the following picture.
>>
>>
>>
>>
>>
>> Why events look this way? How I can fix them?
>>
>>
>>
>> Please, I wait your response as soon as possible.
>>
>>
>>
>> Thanks.
>>
>>
>>
>> Regards.
>>
>>
>>
>> --
>>
>> Ángel Chiriboga Torres
>>
>> *IT Security Specialist*
>>
>> *EGOVERMENT SOLUTIONS S.A.*
>>
>> E-mail: *angel.chiriboga at ...15848...
>> <angel.chiriboga at ...15848...>*
>>
>> Web: http://www.e-govsolutions.net
>>
>> Celular: +593-995093859
>>
>> Skype: angelctorres
>>
>>
>>
>> *P* *No imprima este mail a menos que sea absolutamente necesario*
>>
>> *Save a tree, don´t print this e-mail unless it´s really necessary*
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Managing the Performance of Cloud-Based Applications
>> Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
>> Read the Whitepaper.
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
>
> ------------------------------------------------------------------------------
> Managing the Performance of Cloud-Based Applications
> Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
> Read the Whitepaper.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140219/dd371018/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 28787 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140219/dd371018/attachment.png>


More information about the Snort-users mailing list