NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Snort IDS> current

Re: [Snort-users] snort 2.9.2 preproc sids, gids missing from gen-msg.map

From: Joel Esler (jeslersourcefire.com)
Date: Mon Feb 06 2012 - 08:48:13 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We're on it. Thanks.

--
Joel Esler

On Feb 6, 2012, at 9:37 AM, "Lawrence R. Hughes, Sr." <lhughessafemedia.com> wrote:

> Hi,
>
> There seems to be many sids & gid descriptions missing from the gen-msg.map for the 2.9.2.0 rule snapshot?
> This is one example preprocessor rule missing out of the gen-msg.map:
>
> alert ( msg: "DNP3_DROPPED_FRAME"; sid:2; gid:145; rev: 1; metadata: rule-type preproc; classtype:protocol-command-decode; )
>
> How do we resolve this?
>
> Thanks,
> Larry
>
> ------------------------------------------------------------------------------
> Try before you buy = See our experts in action!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-dev2
> _______________________________________________
> Snort-users mailing list
> Snort-userslists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2

_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

application/pkcs7-signature attachment: smime.p7s

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]