[Oisf-devel] 77b708=WIN?
Chris Wakelin
c.d.wakelin at reading.ac.uk
Wed Sep 28 18:12:54 UTC 2011
On 28/09/2011 19:08, Martin Holste wrote:
> Ah, so he did--missed that. Ok, so you're thinking that the detection
> engine itself is having hiccups? I did notice a weird issue a few
> days ago where alerts were firing erroneously on packets that content
> which was negated by the rule.
>
>
No it's working fine I think! I haven't spotted any missed alerts (e.g.
spotting Blackhole landing URL but not the suspicious Javascript). I did
get a crash (our occasional one, I think).
Having said that, it's been fairly quiet today. Just wait for next week
when the new students arrive ...
Best Wishes,
Chris
--
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin, c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
More information about the Oisf-devel
mailing list