[Oisf-users] not finding alerts
Victor Julien
victor at inliniac.net
Tue Mar 27 07:06:37 UTC 2012
On 03/26/2012 04:04 PM, Giannis Tzagarakis wrote:
> Hello,
>
> I'm running suricata v1.2.1 on a trace file
> with a single rule file.
> (attack-responses.rules from VRT)
>
> While snort finds 9 alerts on this trace
> suricata finds 0.
The first thing that comes to mind would be checksums. In your
/var/log/suricata/stats.log check the tcp.invalid_checksum counter.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
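
One way to run the check suggested above, as an added example that is not part of the original message or of Suricata's own tooling: it sums tcp.invalid_checksum over all threads in the most recent stats.log dump and relates it to the decoded TCP packet count. The "Counter | TM Name | Value" layout, the decoder.tcp counter, the function names and the sample values are assumptions made for this sketch.

```shell
#!/usr/bin/env bash
# Added example: read counters from the LAST dump in a Suricata stats.log.
# Assumed layout: "Counter | TM Name | Value" rows, each dump starting with "Date:".

# counter_total FILE COUNTER -> total for COUNTER in the most recent dump
counter_total() {
    awk -F'|' -v want="$2" '
        /^Date:/ { sum = 0 }                # new dump begins: forget the previous one
        NF == 3 {
            name = $1; gsub(/[ \t]/, "", name)
            if (name == want) sum += $3     # the same counter is listed once per thread
        }
        END { print sum + 0 }               # prints 0 when the counter never appears
    ' "$1"
}

# invalid_checksum_pct FILE -> integer percent of decoded TCP packets with a bad checksum
invalid_checksum_pct() {
    pct_bad=$(counter_total "$1" tcp.invalid_checksum)
    pct_tcp=$(counter_total "$1" decoder.tcp)
    if [ "$pct_tcp" -eq 0 ]; then echo 0; return; fi
    echo $(( pct_bad * 100 / pct_tcp ))
}

# Constructed sample: two dumps, two stream threads (all values are made up).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
-------------------------------------------------------------------
Date: 3/27/2012 -- 07:06:30 (uptime: 0d, 00h 00m 08s)
-------------------------------------------------------------------
Counter                   | TM Name                   | Value
-------------------------------------------------------------------
decoder.tcp               | Decode1                   | 400
tcp.invalid_checksum      | Stream1                   | 180
tcp.invalid_checksum      | Stream2                   | 190
-------------------------------------------------------------------
Date: 3/27/2012 -- 07:06:38 (uptime: 0d, 00h 00m 16s)
-------------------------------------------------------------------
Counter                   | TM Name                   | Value
-------------------------------------------------------------------
decoder.tcp               | Decode1                   | 1000
tcp.invalid_checksum      | Stream1                   | 480
tcp.invalid_checksum      | Stream2                   | 470
EOF

echo "tcp.invalid_checksum (last dump): $(counter_total "$sample" tcp.invalid_checksum)"
echo "share of decoded TCP packets:     $(invalid_checksum_pct "$sample")%"
```

A value close to the total TCP packet count means most of the trace failed checksum validation, which is the situation the reply points at when Suricata raises no alerts on a capture where Snort does.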