<p dir="ltr">Firstly the rule itself in the suricata rules folder (as defined in the suricata config) will show what this rule will trigger on. Comments are usualy provided in the rules file to indicate their origin / definition :)</p>
<div class="gmail_quote">29. juni 2015 19:55 skrev "James Moe" <<a href="mailto:jimoe@sohnen-moe.com">jimoe@sohnen-moe.com</a>>:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hello,<br>
suricata 2.0.7<br>
<br>
What are the consequences of this message?<br>
<br>
06/29/2015-10:36:27.579051 [**] [1:2240001:1] SURICATA DNS<br>
Unsollicited response [**] [Classification: (null)] [Priority: 3]<br>
{UDP} <a href="http://192.168.69.246:53" rel="noreferrer" target="_blank">192.168.69.246:53</a> -> <a href="http://192.168.69.109:42213" rel="noreferrer" target="_blank">192.168.69.109:42213</a><br>
<br>
BTW: "Unsollicited" is misspelled. It should be "Unsolicited".<br>
<br>
Where may I find descriptions of the rules?<br>
<br>
- --<br>
James Moe<br>
moe dot james at sohnen-moe dot com<br>
<a href="tel:520.743.3936" value="+15207433936">520.743.3936</a><br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v2<br>
<br>
iEYEARECAAYFAlWRhooACgkQzTcr8Prq0ZPsGQCdGidt/fDguwxt9vMzyZ/fhwfZ<br>
a30AnjrzP0lopEo8F0ySYvEPOZ+P/D+W<br>
=YwAK<br>
-----END PGP SIGNATURE-----<br>
_______________________________________________<br>
Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org">oisf-users@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" rel="noreferrer" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" rel="noreferrer" target="_blank">http://suricata-ids.org/support/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" rel="noreferrer" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
Suricata User Conference November 4 & 5 in Barcelona: <a href="http://oisfevents.net" rel="noreferrer" target="_blank">http://oisfevents.net</a><br>
</blockquote></div>