|
Mailing List Archive For snort-sigs@snort.org May 2003 By Subject- [Snort-sigs] 1631 CHAT AIM login false positive
- [Snort-sigs] Announcing sp_perl
- [Snort-sigs] Bad reference on SID: 598?
- [Snort-sigs] byte_test:5,<,65537,0,relative,string;
- [Snort-sigs] Detecting Connections
- [Snort-sigs] disable /var/log/snort logging
- [Snort-sigs] DNS poisoning
- [Snort-sigs] Does anyone have a working set of rules for the Fizzer Worm
- [Snort-sigs] dropping traffic
- [Snort-sigs] ELKERN Signature?
- [Snort-sigs] filter session in both direction
- [Snort-sigs] Followup on my last virus question.
- [Snort-sigs] general sig question
- [Snort-sigs] hi
- [Snort-sigs] How detect relaying with qmail and snort ?
- [Snort-sigs] ICMP rules: sid 499,473, 477, 487
- [Snort-sigs] install.php?phpbb_root_dir=http:// sig?
- [Snort-sigs] Issue
- [Snort-sigs] Issue.fixing wincap
- [Snort-sigs] Look for attached files?
- [Snort-sigs] Maintain virus.rules
- [Snort-sigs] MESSNGR SPAM Sig
- [Snort-sigs] naming of rules file
- [Snort-sigs] Netbios rules are case sensitive?
- [Snort-sigs] Nimda
- [Snort-sigs] Not looking in Email
- [Snort-sigs] Not sure I understand "RPC AMD TCP pid request"..
- [Snort-sigs] Possible false positive on SID 663
- [Snort-sigs] problem with double logging
- [Snort-sigs] Proposed change to icmp-info.rules
- [Snort-sigs] Question
- [Snort-sigs] RE-Announcing sp_perl
- [Snort-sigs] SID 1620, Non-Standard IP Protocol question
- [Snort-sigs] SID 1882 False Posiitives : "ATTACK-RESPONSES id check returned userid "
- [Snort-sigs] SID 663 - Revision 6 - False Positives question
- [Snort-sigs] Sig for a old virus?
- [Snort-sigs] Signatures related to POP3 overflow attempt
- [Snort-sigs] SMTP ETRN overflow attempt
- [Snort-sigs] SMTP rcpt to sed command attempt
- [Snort-sigs] Snort & Acid
- [Snort-sigs] snort 2.0 problems
- [Snort-sigs] Snort attack -- was disable /var/log/snort logging
- [Snort-sigs] Snort rule sorter or managment system
- [Snort-sigs] snort-rules CURRENT update @ Fri May 30 16:15:18 2003
- [Snort-sigs] snort-rules CURRENT update @ Thu May 15 23:15:23 2003
- [Snort-sigs] snort-rules CURRENT update @ Tue May 6 20:15:27 2003
- [Snort-sigs] snort-rules CURRENT update @ Wed May 14 14:14:32 2003
- [Snort-sigs] snort-rules CURRENT update @ Wed May 14 17:15:36 2003
- [Snort-sigs] snort-rules CURRENT update @ Wed May 28 14:16:41 2003
- [Snort-sigs] snort-rules STABLE update @ Fri May 30 16:15:18 2003
- [Snort-sigs] snort-rules STABLE update @ Thu May 15 23:15:23 2003
- [Snort-sigs] snort-rules STABLE update @ Tue May 13 11:03:45 2003
- [Snort-sigs] snort-rules STABLE update @ Wed May 14 14:14:32 2003
- [Snort-sigs] snort-rules STABLE update @ Wed May 14 17:15:36 2003
- [Snort-sigs] snort-rules STABLE update @ Wed May 28 14:16:41 2003
- [Snort-sigs] snort_decoder T/TCP detected
- [Snort-sigs] spp_stream4 Steath activity
- [Snort-sigs] SQL Intection sig
- [Snort-sigs] test mail
- [Snort-sigs] Ultimate Rule List
- [Snort-sigs] UNIXSOCK
- [Snort-sigs] Virus sig for worm_palyh.a and pe_ganda.a?
- [Snort-sigs] Virus sig for worm_palyh.a and pe_ganda.a? .....can you give me some pointers. (fwd)
- [Snort-sigs] VIRUS_RULES
- [Snort-sigs] WebDav exploits - individual signatures
- [Snort-users] byte_test:5,<,65537,0,relative,string;
- [Snort-users] Fizzer Virus Signature
- Proposed change to icmp-info.rules
- Signatures related to POP3 overflow attempt
- Snort-sigs digest, Vol 1 #573 - 12 msgs
|
