Robert Lasota | 27 Mar 10:27 2015
Picon

React option doesn't work

Hi,

I've installed newest Snort (2.9.7.2) from source with options:
 ./configure --prefix=/opt/usr  --enable-sourcefire --with-daq-libraries=/opt/usr/lib/daq/
--with-daq-includes=/opt/usr/include/ --disable-gre --disable-mpls --disable-corefiles
--disable-dlclose --enable-react --enable-active-response --enable-flexresp3

I run it in inline mode with options:
--daq nfq --daq-var queue=0 -D -Q -c /opt/etc/snort/snort.conf -l /var/log/snort --no-interface-pidfile

.. and its blocking traffic but unfortunately doesn't display message in webbrowser about this block.

Rule is:
drop tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (content-list:"exe"; msg:"ET CURRENT_EVENTS
Terse alphanumeric executable downloader high likelihood of being hostile";
flow:established,to_server; content:"/"; http_uri; content:".exe"; distance:1; within:8;
fast_pattern; http_uri; content:!"Referer|3a 20|"; nocase;  http_header;
pcre:"/\/[A-Z]?[a-z]{1,3}[0-9]?\.exe$/U"; classtype:bad-unknown; sid:2019714; rev:2;  react:
block, msg; )

without content-list:"exe" it just blocks,
with content-list:"exe" don't even start because it has error:  Unknown rule option: 'content-list'.

So, what is going on ? how to fix it or... what is other way to display message in webbrowser during blocking
(in inline mode with DAQ which we are using) ?

Please help us, we work on serious project with Snort and this is very important for us

Robert Lasota

(Continue reading)

Robert Lasota | 27 Mar 09:22 2015
Picon

React option doesn't work

Hi,
I've installed newest Snort (2.9.7.2) from source with options:

 ./configure --prefix=/opt/usr  --enable-sourcefire --with-daq-libraries=/opt/usr/lib/daq/ --with-daq-includes=/opt/usr/include/ --disable-gre --disable-mpls --disable-corefiles --disable-dlclose --enable-react --enable-active-response --enable-flexresp3

I run it in inline mode with options:

--daq nfq --daq-var queue=0 -D -Q -c /opt/etc/snort/snort.conf -l /var/log/snort --no-interface-pidfile

 

.. and its blocking traffic but unfortunately doesn't display message in webbrowser about this block.

 

Rule is:

drop tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (content-list:"exe"; msg:"ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile"; flow:established,to_server; content:"/"; http_uri; content:".exe"; distance:1; within:8; fast_pattern; http_uri; content:!"Referer|3a 20|"; nocase;  http_header; pcre:"/\/[A-Z]?[a-z]{1,3}[0-9]?\.exe$/U"; classtype:bad-unknown; sid:2019714; rev:2;  react: block, msg; )

without content-list:"exe" it just blocks,

with content-list:"exe" don't even start because it has error:  Unknown rule option: 'content-list'.

So, what is going on ? how to fix it or... what is other way to display message in webbrowser during blocking (in inlice moe with DAQ witch we using) ?

 

Please help us, we work on serious project with Snort

Robert Lasota

 

 

 

 

 


------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
French, Jared | 26 Mar 22:08 2015

Thresholding issues

I'm fairly new to snort and I've been trying to get thresholding working, but haven't had any luck.  Not with individual rules or global rules.   I added the following line to to threshold.conf and ran a rule update after: 

event_filter gen_id 0, sig_id 0, type limit, track by_src, count 1, seconds 360 

However, when I open up snorby and watch the logs I'll get the same alert popping up many times in row either with the same timestamp or well within the given 360 seconds.  My understanding is that this line should cause any and all rules to fire only once every 360 seconds.  Is that incorrect or is something possibly broken? 

The same happens when I try to apply thresholds for individual rules such as:   

event_filter gen_id 1, sig_id 2012252, type limit, track by_src, count 1, seconds 360 

which is the emerging theat SHELLCODE Common 0a0a0a0a Heap Spray String alert. 

Just looking for some help / clarifcation.  Thanks!
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Yuhui Lin | 26 Mar 18:04 2015
Picon

Snort-3.0: WARNING: active responses disabled since DAQ can't inject packets.



hi,

I was testing snort 3.0-alpha. While I execute the following command, I got a warning everytime.

command:

$SNORT3_PATH/bin/snort -c $SNORT3_PATH/etc/snort.lua -R $SNORT3_PATH/myRule.rules -l $SNORT3_PATH/logTest -r $SNORT3_PATH/myPcap.pcap -A alert_fast -n 100


warning:
WARNING: active responses disabled since DAQ can't inject packets.

I don’t understand why my DAQ can’t inject packets...


$SNORT3_PATH/bin/snort -c $SNORT3_PATH/etc/snort.lua -R $SNORT3_PATH/myRule.rules -l $SNORT3_PATH/logTest -r $SNORT3_PATH/myPcap.pcap -A alert_fast -n 100 
--------------------------------------------------
o")~   Snort++ 3.0.0-a1-140
--------------------------------------------------
Loading /root/yuhui/snort3/etc/snort.lua:
back_orifice
classifications
ftp_data
stream_tcp
ftp_server
http_inspect
telnet
port_scan
rpc_decode
arp_spoof
perf_monitor
stream_icmp
stream_ip
stream
ftp_client
references
stream_udp
wizard
Finished /root/yuhui/snort3/etc/snort.lua.
Loading rules:
Loading /root/yuhui/snort3/myRule.rules:
Finished /root/yuhui/snort3/myRule.rules.
Finished rules.
--------------------------------------------------
rule counts
       total rules loaded: 10
               text rules: 10
            option chains: 10
            chain headers: 4
--------------------------------------------------
rule port counts
             tcp     udp    icmp      ip
     any       7       6       5       4
      nc       0       0       0       1
--------------------------------------------------
pcap DAQ configured to read-file.
Commencing packet processing
++ [0] /root/yuhui/snort3/myPcap.pcap

WARNING: active responses disabled since DAQ can't inject packets.

Thank you,
Yuhui

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Michael Brown | 26 Mar 02:00 2015
Picon

OpenAppID

Where can I download the detectors for OpenAppID? I am using this tutorial and it says about the detectors. http://blog.snort.org/2014/03/openappid-install-video.html. I can not find them. 
---
Thank you,

Michael A. Brown
mike.a.brown09 <at> gmail.com
M.S. Forensic Studies: Computer Forensics
B.S. Information Technology: Network Specialist
"The only thing necessary for the triumph of evil is for good men to do nothing" -Edmund Burke


Confidentiality Note: This electronic message is solely for the intended recipient, and may not be viewed by any other person. Access by anyone else is unauthorized and may be unlawful, except with the express consent of either the sender or the intended recipient. If you are not the intended recipient, you are hereby notified that you may not read this E-Mail or any attachment, and any disclosure, copying distributing, using, printing or taking any action in reliance on the contents of this E-Mail is strictly prohibited. The contents of this E-Mail and/or its attachments may be legally confidential and/or privileged; no unintended disclosure is intended to waive any right of privilege or confidentiality, all of which rights are reserved to the fullest extent possible.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Eugene Grama | 25 Mar 14:08 2015
Picon

snort-windows webserver-ec2

Hello Team,

I have a Web Server Windows 2008 R2 instance EC2 (amazon)

Amazon, won't allow traffic monitoring (even in your own network). You will only get a traffic for that specific port, in where you are listening.  

So I decided to install snort in the webserver itself so it can analyze traffic against its rule. But snort is not working as NIDS mode. Able to get packets in packet logger mode

I had test machine (but not in aws) and snort is working fine, i had imported my config file from test machine to production but still not working.

Also tried old version 2970 but still unable to make it work.

If you need any clarification, please tell me, needing any support
--
Thank you and Best regards,

Eugene
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Eugene Grama | 24 Mar 05:10 2015
Picon

snort 2972 - not working, need help

Hell Guys,

Hope you are all doing fine.

I was able to make snort 2970 work in windows 7, due to some reason, we had freeze this project and we are now again restarting it.

I was able to update snort to 2972 without error

Then I tried placing this rule in snort.rules file for testing purpose

alert tcp $HOME_NET any <> $EXTERNAL_NET any (msg:"NET - ACTIVITY-YAHOO"; classtype:unknown; sid:1000002; rev:1;)
alert icmp $HOME_NET any <> $EXTERNAL_NET any (msg:"PING - ACTIVITY"; classtype:unknown; sid:1000000; rev:1;)

Then i run snort -c c:\path\to\dir\snort.conf -l c:\path\to\snort\log -i4

and it run normally ("commencing packet processing" at the end)

Tried generating icmp(ping) traffic, but i cannot see any alert generated from my alert log file.

Sorry for the grammar, hoping for your usual support

--
Thank you and Best regards,

Eugene
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
David Futsi | 23 Mar 19:45 2015
Picon

Sending syslog alerts from Snort on ArchLinux on RPI b+

Hi,
Im issuing the command snort -d -h 192.168.1.0/24 -c /etc/snort/snort.conf -s and on the syslog server i have syslog watcher 4.7.4 on windows 7. Then i set up a rule for rules.conf file to alert ICMP packets. When I ping from the windows machine to the Raspberry Pi the ICMP traffic is reported within the console if snort is ran with the -A console option. But when the -s option is selected it doesnt send alerts to the Syslog server. I did configure the snort.conf in the syslog section with the IP address and 514 port of the Syslog server still no dice.

Am I missing something?
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Shirkdog | 23 Mar 14:42 2015
Picon

Re: how to run pulledpork ignoring trust certificates?

Message was discarded by filter '\Custom\Strong\PHP' on line 2

Envelope (RCP file content):
Message-ID: B0438377132 <at> spam1.mmcdmz.mehealth.org
Return-path: snort-users-bounces <at> lists.sourceforge.net
Received-From-MTA: lists.sourceforge.net (unverified [216.34.181.88])
Arrival-Date: 1426456462 (Sun, 15 Mar 2015 17:54:22 -0400)
Origin-IP: 216.34.181.88
X-Modus-WasEncrypted: YES
X-Modus-BlackList: 216.34.181.88=OK;snort-users-bounces <at> lists.sourceforge.net=OK
X-Modus-RBL: 216.34.181.88=OK
X-Modus-Trusted: 216.34.181.88=NO
X-Modus-Audit: TRUE;5;-28051960418533861;130713476620380000
X-CustID: 687
X-Modus-BuildNumber: 214.18364
DomainKey-Status: 0
Resolved-Return-path: snort-users-bounces <at> lists.sourceforge.net
X-Modus-BATV: OFF
X-Modus-SRSRBL: OK
X-Sender-Origin: EXTERNAL

Recipient: brownr <at> mmc.org
Original-Address: brownr <at> mmc.org
Dsn-Original-Recipient: rfc822;brownr <at> mmc.org
Local-Status: Incoming

Picon
From: Shirkdog <shirkdog <at> gmail.com>
Subject: Re: [Snort-users] how to run pulledpork ignoring trust certificates?
Date: 2015-03-15 21:48:34 GMT

-w is your friend on the latest svn copy to ignore the cert check.

Bear with PP issues as the project will have to be migrated from google code to github

On Mar 15, 2015 5:45 PM, "Andrew Shagayev" <drewshg <at> gmail.com> wrote:
Hi guys!

When trying to update snort rules with pulledpork getting the Error 500:

...
** GET https://s3.amazonaws.com/snort-org-site/production/release_files/files/000/001/456/original/snortrules-snapshot-2970.tar.gz?AWSAccessKeyId=AKIAIXACIED2SPMSC7GA&Expires=1426458163&Signature=fnOJZHRykLFc0k2WO8aGdwA7koI%3D ==> 500 Can't connect to s3.amazonaws.com:443 (certificate verify failed) (1s)
    A 500 error occurred, please verify that you have recently updated your root certificates!


Does anyone know how to solve this problem OR how to run PP ignoring trust certificates like let's say wget:

$ wget --no-check-certificate https://...

Any attempt to help will be highly appreciated!

but no luck((

$ sudo cpan Mozilla::CA IO::Socket::SSL -- Doesn't help((((

--
A.S.

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Ethan Hunt | 23 Mar 14:42 2015
Picon

Snort 2.9.7.2

Message was discarded by filter '\Custom\Strong\PHP' on line 2

Envelope (RCP file content):
Message-ID: B0438388583 <at> spam1.mmcdmz.mehealth.org
Return-path: snort-users-bounces <at> lists.sourceforge.net
Received-From-MTA: lists.sourceforge.net (unverified [216.34.181.88])
Arrival-Date: 1426470935 (Sun, 15 Mar 2015 21:55:35 -0400)
Origin-IP: 216.34.181.88
X-Modus-WasEncrypted: YES
X-Modus-BlackList: 216.34.181.88=OK;snort-users-bounces <at> lists.sourceforge.net=OK
X-Modus-RBL: 216.34.181.88=OK
X-Modus-Trusted: 216.34.181.88=NO
X-Modus-Audit: TRUE;5;-28051960418533861;130713621356550000
X-CustID: 687
X-Modus-BuildNumber: 214.18364
DomainKey-Status: 0
Resolved-Return-path: snort-users-bounces <at> lists.sourceforge.net
X-Modus-BATV: OFF
X-Modus-SRSRBL: OK
X-Sender-Origin: EXTERNAL

Recipient: brownr <at> mmc.org
Original-Address: brownr <at> mmc.org
Dsn-Original-Recipient: rfc822;brownr <at> mmc.org
Local-Status: Incoming

Picon
From: Ethan Hunt <ethan.e007mi2 <at> gmail.com>
Subject: [Snort-users] Snort 2.9.7.2
Date: 2015-03-16 01:51:07 GMT

I'm running Win7 with snort 2.9.7.2 and got this error

the daq version does not support reload.
ERROR: log_tcpdump: Failed to open log file "log/snort.log.1426468125

How to i fix this?

Thanks.


------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Sharif Uddin | 23 Mar 14:35 2015

snort not logging anything in log file

Message was discarded by filter '\Custom\Strong\PHP' on line 2

Envelope (RCP file content):
Message-ID: B0438046078 <at> spam1.mmcdmz.mehealth.org
Return-path: snort-users-bounces <at> lists.sourceforge.net
Received-From-MTA: lists.sourceforge.net (unverified [216.34.181.88])
Arrival-Date: 1426263752 (Fri, 13 Mar 2015 12:22:32 -0400)
Origin-IP: 216.34.181.88
X-Modus-WasEncrypted: YES
X-Modus-BlackList: 216.34.181.88=OK;snort-users-bounces <at> lists.sourceforge.net=OK
X-Modus-RBL: 216.34.181.88=OK
X-Modus-Trusted: 216.34.181.88=NO
X-Modus-Audit: TRUE;5;-28051960418533861;130711549527500000
X-CustID: 687
X-Modus-BuildNumber: 214.18364
DomainKey-Status: 0
Resolved-Return-path: snort-users-bounces <at> lists.sourceforge.net
X-Modus-BATV: OFF
X-Modus-SRSRBL: OK
X-Sender-Origin: EXTERNAL

Recipient: brownr <at> mmc.org
Original-Address: brownr <at> mmc.org
Dsn-Original-Recipient: rfc822;brownr <at> mmc.org
Local-Status: Incoming

From: Sharif Uddin <Sharif.Uddin <at> spectrumgeo.com>
Subject: [Snort-users] snort not logging anything in log file
Date: 2015-03-13 16:16:13 GMT

Hello

 

 

I have just upgraded to latest version of snort.

 

I copied back my config file and started snort

 

 

snort -q -u snort -g snort -c /etc/snort/snort.conf -i em2 –D

 

 

 

however it seems to not be logging anything when I know it should. I have lot of traffic on the port which I can see via tcpdump.

 

 

 

[root <at> snort snort]# pwd

/var/log/snort

[root <at> snort snort]# ll

total 72

-rw-rw-rw- 1 snort snort     0 Mar 13 16:03 barnyard2.waldo

-rw-r--r-- 1 root  root      0 Mar 13 16:03 delayed_job.log

-rw-r--r-- 1 root  root      0 Mar 13 16:04 development.log

-rw-r--r-- 1 root  root   5480 Mar 13 16:11 production.log

-rw-r--r-- 1 root  root  65352 Mar 13 15:57 sid_changes.log

-rw------- 1 snort snort     0 Mar 13 16:10 snort.u2.1426263017

 

 

 

 

 

 

 

Sharif Uddin
Development/Support Engineer
-------------------

Spectrum Geo Ltd
Dukes Court, Duke Street
Woking, Surrey
GU21 5BH
UNITED KINGDOM

Tel: +44 (0) 1483 730201
Fax: +44 (0) 1483 762620

 

www.spectrumasa.com

 

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users <at> lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Gmane