[Oisf-devel] 77b708=WIN?

Chris Wakelin c.d.wakelin at reading.ac.uk
Wed Sep 28 18:12:54 UTC 2011

On 28/09/2011 19:08, Martin Holste wrote:
> Ah, so he did--missed that.  Ok, so you're thinking that the detection
> engine itself is having hiccups?  I did notice a weird issue a few
> days ago where alerts were firing erroneously on packets that content
> which was negated by the rule.

No it's working fine I think! I haven't spotted any missed alerts (e.g. 
spotting Blackhole landing URL but not the suspicious Javascript). I did 
get a crash (our occasional one, I think).

Having said that, it's been fairly quiet today. Just wait for next week 
when the new students arrive ...

Best Wishes,

Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK              Fax: +44 (0)118 975 3094

More information about the Oisf-devel mailing list