security.ids.snort.sigs (thread)

Re: Rule to capture only packets with certain content/bytes, Brian
some rules missing from sig-msg.map, Russell Fulton
keywords "tag" and "session", Cedric Foll
from_client == to_server ?, Martin Olsson
- Re: from_client == to_server ?, Matt Kettler
sid:1841 / Question about within: x, nard
Searching for the latest Snort rules, Marc Ruef
PCRE Rules and hexa, Cedric Foll
- Re: PCRE Rules and hexa, Brian
snort-rules STABLE update @ Tue Nov 25 13:15:16 2003, bmc
Can I still log every packet when thresholding the alerts?, Williams Jon
snort-rules CURRENT update @ Tue Nov 25 13:15:16 2003, bmc
Snort details for SID 1937, Christopher Davis
- Re: Snort details for SID 1937, Brian
- Re: Snort details for SID 1937, Nigel Houghton
Behavioral-based detection, Цвиркун Д.В.
- Re: Behavioral-based detection, Matt Kettler
snort-rules CURRENT update @ Fri Nov 21 13:15:18 2003, bmc
snort-rules CURRENT update @ Thu Nov 20 19:15:18 2003, bmc
Newbie question on traffic, William_Metcalf@xxxxxxxx
- Re: Newbie question on traffic, Brian
- RE: Newbie question on traffic, Joshua Wright
Re: [Snort-devel] False SNMP missing community string alerts, Daniel J. Roelker
RE: Rule for detecting MS Exchange SMTP AUTH LOGON b rute force attemp ts., Grejda, Eric
swatch / sig issue, Nick Duda
- Re: swatch / sig issue, Edin Dizdarevic
- RE: swatch / sig issue, Nick Duda
Error with current rules via oinkmaster [snortrules-current], David A. Koran
- Re: Error with current rules via oinkmaster [snortrules-current], Matt Kettler
More about shell code rules, Russell Fulton
- Re: More about shell code rules, Curt Wilson
  - Re: Re: More about shell code rules, Russell Fulton
    - Re: Re: More about shell code rules, Curt Wilson
    - Re: Re: More about shell code rules, Brian
    - Re: Re: More about shell code rules, Russell Fulton
sid 1748 needs retuning, David Wilburn
- Re: sid 1748 needs retuning, Russell Fulton
- Re: sid 1748 needs retuning, Brian
shell code rules, Russell Fulton
- Re: shell code rules, Matt Kettler
Rule for detecting MS Exchange SMTP AUTH LOGON brute force attemp ts., Grejda, Eric
- Re: Rule for detecting MS Exchange SMTP AUTH LOGON brute force attemp ts., Brian
ms03-049 proof of concept detected by x86 NOOP sig, William_Metcalf
good settings for portscan preprocessor?, David Wilburn
- Re: good settings for portscan preprocessor?, James Riden
Sig for MS03-051, Frank Knobbe
- Re: Sig for MS03-051, Brian
- RE: Sig for MS03-051, Adams, Samuel (contractor)
  - RE: Sig for MS03-051, Frank Knobbe
    - RE: Sig for MS03-051, Frank Knobbe
RE: FTP brute force login signature, Milani Paolo
- RE: RE: FTP brute force login signature, adam.w.hogan
  - Re: RE: FTP brute force login signature, James Riden
Snort Rules, Mandar S. Dalvi
- RE: Snort Rules, adam.w.hogan
rules and protocol URL, Nosnos
- Re: rules and protocol URL, Matt Kettler
  - Re: rules and protocol URL, Jason Haar
    - ms 03-046 rule, Johnathan Norman
- Re: rules and protocol URL, Edin Dizdarevic
- RE: rules and protocol URL, Federico Castañeda
Nicholas Cross is out of the office., Nick . Cross
Sig for streaming audio/video, Salinas Samuel E SSgt 355 CS/SCBI
RE: [Snort-sigs] RE: Who doesn't care about virus rules, and why?, Abe Use
Re: [Snort-users] Who doesn't care about virus rules, and why?, Nick . Cross
- RE: Re: [Snort-users] Who doesn't care about virus rules, and why?, Nick Duda
Mail Alert, Jayachandran K
- Re: Mail Alert, Erek Adams
snort-rules CURRENT update @ Thu Nov 6 13:15:19 2003, bmc
SNORT rule for Hacker Defender?, Johnson, Scott
- Re: SNORT rule for Hacker Defender?, Chris Kronberg
RE: Who doesn't care about virus rules, and why?, Williams Jon
- Re: Who doesn't care about virus rules, and why?, Iain Hallam
  - Re: Who doesn't care about virus rules, and why?, Snortty
- RE: Who doesn't care about virus rules, and why?, Jason Haar
- RE: Who doesn't care about virus rules, and why?, Williams Jon
User/Pass in LDAP, Kbellco Mail
Welchia/Nachi rule, Schmehl, Paul L
RE: welchia rule, Schmehl, Paul L
- A tool like swatch, Sir Fenix
inc ebx NOOP Shellcode detection statefulness?, Curt Wilson
rules update question, Nick Duda
missing SIDs, SoloNet Newsfeed Processor
Bug in matching engine ?, Cedric Foll
- Re: Bug in matching engine ?, Chris Green
Re: [Snort-sigs] anyone have a good Swen sig, Brian A Kee
Thresholding in 2.0.2?, Jacob Roberts
capture email, Ricardo Londono
- Re: capture email, Ricardo Londono
- RE: capture email, Ricardo Londono
  - RE: capture email, Erek Adams
New MiMail infection signature, Ken Bell
Re: Swen sigs, Martin Overton