security.ids.snort.sigs (date)

security.ids.snort.sigs (date)

September 30, 2003

Re: sig for recent massive ICMP scans, Nick . Cross
Re: False positives WEB-CGI calendar access, Daniel de Young
Re: False positives WEB-CGI calendar access, Johnathan Norman
Re: Using snort to Identify P2P transfers., james

September 29, 2003

RE: False Positive on sid 10000009, Nick Duda
Re: False Positive on sid 10000009, Joe Stewart
False Positive on sid 10000009, Adam Towarnyckyj
Using snort to Identify P2P transfers., Tony Hernandez
Scott Myers is out of the office., Scott Myers
Re: False positives WEB-CGI calendar access, Daniel de Young
False positives WEB-CGI calendar access, Hugo van der Kooij

September 26, 2003

Re: sig for recent massive ICMP scans, SoloNet Newsfeed
Re: sig for recent massive ICMP scans, Bill Terwilliger
RE: {Snort-sigs] sig for recent massive ICMP's, Richard Ullrich
RE: NETBIOS DCERPC ISystemActivator bind attempt, d'Ambly, Jeff
Re: W32/SWEN.A signature, Jordi Herrero
CJ Schmit is out of the office., CJ . Schmit
Re: sig for recent massive ICMP scans, Brian Howard
Re: sig for recent massive ICMP scans, Paul Schmehl
RE: NETBIOS DCERPC ISystemActivator bind attempt, Robert Reid

September 25, 2003

sig for recent massive ICMP scans, SoloNet Newsfeed
Re: NETBIOS DCERPC ISystemActivator bind attempt, Ian Boje
Re: NETBIOS DCERPC ISystemActivator bind attempt, Sir Fenix
NETBIOS DCERPC ISystemActivator bind attempt, d'Ambly, Jeff

September 24, 2003

ProFTPD vulnerability signature development, Joe Stewart
Re: sig question, Matt Kettler
sig question, Nick Duda
Re: Question about submitting additions to existing rule docs, Nigel Houghton
Question about submitting additions to existing rule docs, Yackley, Matt
Re: SID 113, Nigel Houghton
SID 113, Muhammad Faisal Rauf Danka

September 23, 2003

RE: Sig for Worm Swen.a?, Robert Wagner
RE: exclude IP from a rule, Esler, Joel Contractor
RE: exclude IP from a rule, Nick Duda
exclude IP from a rule, Nick Duda
Kazaa sig, Nick Duda
W32/SWEN.A signature, pieter claassen
correct of signature sid:1685, Choudhary, Anil
Error in http://www.snort.org/snort-db/sid.html?sid=618 and 620, Knut Bjornstad

September 22, 2003

Re: SNORT HELP, Matt Kettler
SID 615 contrib, Gene Gomez
SID 556 contrib, Gene Gomez
SID 558 contrib (please note msg change; done for consistency with 556, 557, 559), Gene Gomez
SID 557 RE-contrib (apologies; I misread the rule), Gene Gomez
SID 559 contrib, Gene Gomez
SID 557 contrib, Gene Gomez
SID 714 contrib, Gene Gomez
SNORT HELP, acastellani
SID 556 RE-contrib (apologies; I misread the rule), Gene Gomez
Sig for Worm Swen.a?, Robert Wagner

September 20, 2003

RE: PortScan Logs, Keen Joseph A1C HQ SSG/XOIN

September 19, 2003

Rule Doc 1288, Neal Timm

September 18, 2003

Re: Snort Rule signature file request, nick black
PortScan Logs, Jayachandran K
Re: DCOMRPC Exploit POC code posted, Jason Alexander

September 17, 2003

Snort Rule signature file request, Jason Monroe \"JC\"

September 16, 2003

Re: FW: Looking for a Yahoo Instant Messenger rule, Snorkelpuss
Re: DCOMRPC Exploit POC code posted, SoloNet Newsfeed
Netcat telnet attack signature (change 1), Graham, Jeffery A. MAJ - G6
Re: Looking for a Yahoo Instant Messenger rule, Jade E. Deane

September 15, 2003

Looking for a Yahoo Instant Messenger rule, John Impallomeni
DCOMRPC Exploit POC code posted, SoloNet Newsfeed Processor
Bluesocket remote admin signature, Jon Hart
RE: quick rules for new dcom stuff, Nick . Cross

September 14, 2003

September 13, 2003

rule options, Zultan

September 12, 2003

RE: rules licensing, Milani Paolo
Re: Snort-sigs digest, Vol 1 #698 - 11 msgs, Aluru Madhuri
snort-rules STABLE update @ Thu Sep 11 22:18:58 2003, bmc
snort-rules CURRENT update @ Thu Sep 11 22:18:58 2003, bmc
Re: rules licensing, Brian
Positive Technologies DCOM Buffer Overflow2 Signatures/Packets, Eric Hines

September 11, 2003

Re: rules licensing (slightly off-topic pondering), Matt Kettler
Re: Rule for the newest DCOM vulnerability?, Brian
RE: Rule for the newest DCOM vulnerability?, Compton, Rich
AW: Rule for the newest DCOM vulnerability?, Sean Wheeler
Re: BAD TRAFFIC Non-Standard IP protocol, Matt Kettler
Re: Netcat telnet attack signature, Matt Kettler
RE: Rule for the newest DCOM vulnerability?, Eric Hines
Re: quick rules for new dcom stuff, Jason Haar
Re: quick rules for new dcom stuff, Sam Evans
Re: quick rules for new dcom stuff, Johnathan Norman
Netcat telnet attack signature, Graham, Jeffery A. MAJ - G6
BAD TRAFFIC Non-Standard IP protocol, Daniél Haslinger
Re: quick rules for new dcom stuff, David Wilburn
quick rules for new dcom stuff, Johnathan Norman
update docs for sid 528, Jon Hart
Rule for the newest DCOM vulnerability?, Compton, Rich
rules licensing, Milani Paolo

September 07, 2003

false negatives with SID 1882 (userid), Jon Hart

September 05, 2003

RE: Unified output for barnyard, Bamm Visscher
RE: Unified output for barnyard, Michael Miller
Q on, D Murdoch

September 04, 2003

Re: sid 567 and new mail relay signatures, Jon Hart
Re: Unified output for barnyard, Dusty Hall
Unified output for barnyard, Michael Miller
sid 567 and new mail relay signatures, Jon Hart
P2P GNUTella GET causes lots of false positives, Shane Smith
RE: MUMU, Robert Wagner
MUMU, mos def
UPDATE: flexresp2 (new and improved active response for Snort), Jeff Nathan

September 03, 2003

Re: spamassisan, Matt Kettler
Re: Re: quick question about Snort + ACID on FreeBSD, Wes Young
RE: snort rule update, Gisler, Johnny
Re: Re: Rule 498 and 1882, Brian
Rule 498 and 1882, Giovanni
Re: Rule 498 and 1882, Nigel Houghton
Re: snort rule update, Jade E. Deane

September 02, 2003

Re: spamassisan, Brian May
Re: Re: quick question about Snort + ACID on FreeBSD, delusi0n
spamassisan, Michael Scheidell
Re: repeated signatures?, Johnathan Norman
Re: snort rule update, Johnathan Norman
Re: snort rule update, Paul M. Sittler
Snort Question, Laura Scott
Re: quick question about Snort + ACID on FreeBSD, Irwan Hadi
snort rule update, Jeanne Mode
repeated signatures?, keshav
quick question about Snort + ACID on FreeBSD, <-delusion->

September 01, 2003

Re: That movie, warchild

News | FAQ | advertise