[Oisf-devel] 77b708=WIN?

Chris Wakelin c.d.wakelin at reading.ac.uk
Wed Sep 28 18:12:54 UTC 2011


On 28/09/2011 19:08, Martin Holste wrote:
> Ah, so he did--missed that.  Ok, so you're thinking that the detection
> engine itself is having hiccups?  I did notice a weird issue a few
> days ago where alerts were firing erroneously on packets that content
> which was negated by the rule.
>
>

No it's working fine I think! I haven't spotted any missed alerts (e.g. 
spotting Blackhole landing URL but not the suspicious Javascript). I did 
get a crash (our occasional one, I think).

Having said that, it's been fairly quiet today. Just wait for next week 
when the new students arrive ...

Best Wishes,
Chris

-- 
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK              Fax: +44 (0)118 975 3094



More information about the Oisf-devel mailing list