security.ids.snort.sigs (thread)

Snort online sig DB., Mathew Johnston
OTHER-IDS SecureNetPro traffic, Rodrigo Buarque Ramos
- Re: OTHER-IDS SecureNetPro traffic, Erek Adams
EXPERIMENTAL SIDs, Rodrigo Buarque Ramos
- Re: EXPERIMENTAL SIDs, Russell Fulton
Re: Port 57 Scans, Matt Kettler
- RE: Port 57 Scans, Hicks, John
Rules to detect W32/Opaserv.worm attack, jo cam
- Re: Rules to detect W32/Opaserv.worm attack, Joe Stewart
Help Snortcenter, Colin . Slevin
Can't download snortrules.tar.gz, Scott Nursten
Re: Snort doesn't detect W32/Opaserv.worm attack, Scott Nursten
- Re: Re: [Snort-users] Snort doesn't detect W32/Opaserv.worm attack, Joe Stewart
List of port, Adrien Dauchez
- Re: List of port, Matt Kettler
need sig for windows rpc d o s., lipan
signature request, Don
- Re: signature request, Brian
snort-rules CURRENT update @ Mon Nov 25 06:25:08 2002, bmc
Re: Question about signature ID 107, Brian
Sig for CVE-1999-0675, Ashley Thomas
- Re: Sig for CVE-1999-0675, Brian
Rule Needed: IE Cross Site Scripting Exploit, Chip Kelly
- Re: Rule Needed: IE Cross Site Scripting Exploit, Matt Kettler
Multiple Content entries, John Hally
- Re: Multiple Content entries, Matt Kettler
- Re: Multiple Content entries, Brian
false +ves with new buffer overflow rules, Russell Fulton
- Re: false +ves with new buffer overflow rules, Brian
Help, Colin . Slevin
MDAC signature, Slighter, Tim
- Re: MDAC signature, Dan Lawrence
  - Re: MDAC signature, Brian
- RE: MDAC signature, Slighter, Tim
Writing a sig for Hotbar, Brian Blake
- Re: Writing a sig for Hotbar, Chris Green
Snort rules database online, Mathew Johnston
- Re: Snort rules database online, Brian
Alert 110:2, Mathew Johnston
- RE: Alert 110:2, Mathew Johnston
- RE: Alert 110:2, Matt Kettler
snort-rules CURRENT update @ Tue Nov 19 06:25:08 2002, bmc
http UserAgent, John Hally
- Re: http UserAgent, remember-handsworth
Re: Questionable classification (Mail rejected), Matt Kettler
- Re: Questionable classification (Mail rejected), Cody Hatch
  - Re: Questionable classification (Mail rejected), Matt Kettler
- RE: Questionable classification (Mail rejected), Moyer, Shawn
RE: Questionable classification [Live nude girls! Ge t the lotion!], Moyer, Shawn
Questionable classification, Cody Hatch
- Re: Questionable classification, Matt Kettler
  - Re: Questionable classification, Cody Hatch
- Questionable classification, Cody Hatch
  - Re: Questionable classification, Erek Adams
snort-rules STABLE update @ Sat Nov 16 19:30:32 2002, bmc
- Re: snort-rules STABLE update @ Sat Nov 16 19:30:32 2002, Michael Scheidell
snort-rules CURRENT update @ Sat Nov 16 19:30:32 2002, bmc
DNS, Joseph Gresham
Rule policy, Mathew Johnston
- Re: Rule policy, Brian
  - Re: Rule policy, Mathew Johnston
    - Re: Rule policy, Matt Kettler
    - Re: Rule policy, Mathew Johnston
    - Re: Rule policy, Brian
    - Re: Rule policy, Mathew Johnston
    - Re: Rule policy, Erek Adams
- How does snort handles anti-IDS software?, Roanne Tang
  - Re: How does snort handles anti-IDS software?, Chris Green
    - Re: How does snort handles anti-IDS software?, tangpl
    - Re: How does snort handles anti-IDS software?, Matt Kettler
    - Re: How does snort handles anti-IDS software?, Chris Green
kadmind exploit rules, remember-handsworth
- Re: kadmind exploit rules, Brian
- Re: kadmind exploit rules, Chris Green
Re: Klez Incoming, Shane Williams
- RE: Klez Incoming, Sean T. Ballard
Bug: mysql quoting in barnyard || sid-msg.map in snort, Jens Krabbenhoeft
snort-rules STABLE update @ Wed Nov 13 13:04:43 2002, bmc
snort-rules CURRENT update @ Wed Nov 13 13:04:43 2002, bmc
Re: X11 outbound client connection detected - remove from snort 1.9 r uleset?, Brian
Blocking P2P Gnutella w/ snort, O'Flynn, Derek
snort-rules CURRENT update @ Tue Nov 12 06:25:07 2002, bmc
- snort rules update notification, Brian
  - Re: [Snort-sigs] snort rules update notification, Chris Green
Re: hotmail logging, Brian
Re: Re: Autoupdate snort signature (esa valimaki), Brian
Re: sid:306 (vqServer) reference correction, Brian
(no subject), Christian Gast
- (no subject), Joseph Nuara
KaZaA 2.0 Connections, Leandro Souza Costa
- Re: KaZaA 2.0 Connections, Phillip G Deneault
  - Re: KaZaA 2.0 Connections, Leandro Souza Costa
    - Re: KaZaA 2.0 Connections, Sam Evans
- RE: KaZaA 2.0 Connections, Coyle, Brian
  - Re: KaZaA 2.0 Connections, Chris Green
- RE: KaZaA 2.0 Connections, O'Flynn, Derek
send rules, alejandro corletti
- Re: send rules, Brian
Re: teardrop sig needed, Ed Davison
- Teardrop sig needed, Ed Davison
Creation of "log all from * except", Perciaccante, Robert
- Re: Creation of "log all from * except", Todd Holloway
- RE: Creation of "log all from * except", Perciaccante, Robert
- RE: Creation of "log all from * except", Robert Wagner
- RE: Creation of "log all from * except", Perciaccante, Robert
  - RE: Creation of "log all from * except", Russell Fulton
- RE: Creation of "log all from * except", Perciaccante, Robert
ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Jason Haar
- Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Brian
  - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Jason Haar
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Erik Fichtner
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Brian
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, スティーブ　ブラウン
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Russell Fulton
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Brian
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Andreas Östling
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Moyer, Shawn
    - Re: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Jason Haar
- RE: ATTACK RESPONSES 403 Forbidden looks inappropriate to me, Keith T. Morgan
W32/Braid@MM, Tim Bogart
- Re: W32/Braid@MM, remember-handsworth
new version for sid 1243, Russell Fulton
- Re: new version for sid 1243, Chris Green
  - Re: new version for sid 1243, Russell Fulton
  - Re: new version for sid 1243, Russell Fulton
sid 308, ports reversed, Mathew Johnston
Missing revision numbers, Kreimendahl, Chad J
Sid 853: wrap access, Steve Brown
- Re: Sid 853: wrap access, Brian
  - Re: Sid 853: wrap access, Steve Brown
    - Re: Sid 853: wrap access, Brian
Yay, more missing classifications, Kreimendahl, Chad J
No sid for new rule, Russell Fulton
- Re: No sid for new rule, Brian
  - Re: No sid for new rule, Chris Green
RE: Best snortsig for detecting FTP servers running on other port than 21?, O'Flynn, Derek
OpenSSL Signature, Alexandre de Abreu
teardrop rule needed, Ed Davison
- Re: teardrop rule needed, Dragos Ruiu
Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Brian
- Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Mathew Johnston
- Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Mathew Johnston
  - Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Mathew Johnston
    - Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Brian
  - Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Mathew Johnston
    - Re: Sig ID 113 should have INTERNAL/EXTERNAL swapped., Brian
RE: Combination of snort and argus, Lars Jørgensen IT
- Uricontent issue in sid 1519, Sean Wheeler
  - Re: Uricontent issue in sid 1519, Brian