[Snort-users] Thousands of alerts after upgrade

Leo poldi at ...16673...
Thu Jan 23 18:13:33 EST 2014


Hi,

I've just upgraded to 2.9.5.6 (Build 208) on Ubuntu 13.10 and am now 
receiving thousands of alerts for

stream5: TCP Timestamp is missing

I'm using BASE to review data and when I click on the 'snort' hyperlink 
for that alert, I get to the snort site and am informend that this rule 
does not exist


My questions are:

1) How can I turn this alert off
2) Why is this rule unknown

Thanks,

Leo





More information about the Snort-users mailing list