[Snort-users] Attack detection

Joel Esler (jesler) jesler at ...589...
Wed Feb 11 20:13:21 EST 2015


Snort isn't just a bad vs. good system. Snort alerts in all kinds of traffic.   You have to decide what is relevant to your network or not.

--
Joel Esler
Sent from my iPhone

On Feb 11, 2015, at 8:10 PM, reniykec <reniykec at ...131...<mailto:reniykec at ...843.....131...>> wrote:

Good day, please why do snort IDS detect attacks on week 1 and week 3 DARPA data set which is attack free data. But snort still generate alert.
Thanks
Sent from my acer Liquid Z3
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150212/1c5a625f/attachment.html>


More information about the Snort-users mailing list