[Snort-users] Attack detection

Joel Esler (jesler) jesler at ...589...
Wed Feb 11 20:13:21 EST 2015

Snort isn't just a bad vs. good system. Snort alerts in all kinds of traffic.   You have to decide what is relevant to your network or not.

Joel Esler
Sent from my iPhone

On Feb 11, 2015, at 8:10 PM, reniykec <reniykec at ...131...<mailto:reniykec at ...843.....131...>> wrote:

Good day, please why do snort IDS detect attacks on week 1 and week 3 DARPA data set which is attack free data. But snort still generate alert.
Sent from my acer Liquid Z3
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150212/1c5a625f/attachment.html>

More information about the Snort-users mailing list