[Snort-users] (http_inspect) NON-RFC HTTP DELIMITER


Welcome to the Virus.Org Mailing List Archive

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

To: [EMAIL PROTECTED]
Subject: [Snort-users] (http_inspect) NON-RFC HTTP DELIMITER
From: Peggy Kam <[EMAIL PROTECTED]>
Date: Mon, 01 Mar 2004 15:52:21 -0500
In-reply-to: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]

Hi,

Does anyone know which rule triggers the following alert?

[**] [119:13:1] (http_inspect) NON-RFC HTTP DELIMITER [**]

03/01-15:36:12.922251 0:A:E6:89:42:65 -> 0:40:F4:6B:59:55 type:0x800len:0x5E192.168.22.30:4497 -> 192.168.22.205:80 TCP TTL:128 TOS:0x0 ID:57615IpLen:20 DgmLen:80 DF

***AP*** Seq: 0x6D579DE1  Ack: 0x83A999D7  Win: 0x4470  TcpLen: 20


I do not seem to find the rule anywhere that triggers that.

Thanks in advance,
Peggy



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Snort-users mailing list
[EMAIL PROTECTED]
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

References:
- RE: [Snort-users] SNORT has memory leak on Linux Red hat 9
  - From: SN ORT

Prev by Date: Re: [Snort-users] snort doesn't write to mysql
Next by Date: [Snort-users] No logs in MYSQL Database but logs on localhost logfiles?
Previous by thread: RE: [Snort-users] SNORT has memory leak on Linux Red hat 9
Next by thread: [Snort-users] mostly an (my)sql question.
Index(es):
- Main
- Thread

Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.