[Oisf-users] What does this message mean?

Andreas Moe moe.andreas at gmail.com
Mon Jun 29 18:01:28 UTC 2015


Firstly the rule itself in the suricata rules folder (as defined in the
suricata config) will show what this rule will trigger on. Comments are
usually provided in the rules file to indicate their origin / definition :)

On 29 June 2015 at 19:55, "James Moe" <jimoe at sohnen-moe.com> wrote:

> Hello,
>   suricata 2.0.7
>
>   What are the consequences of this message?
>
> 06/29/2015-10:36:27.579051  [**] [1:2240001:1] SURICATA DNS
> Unsollicited response [**] [Classification: (null)] [Priority: 3]
> {UDP} 192.168.69.246:53 -> 192.168.69.109:42213
>
> BTW: "Unsollicited" is misspelled. It should be "Unsolicited".
>
>   Where may I find descriptions of the rules?
>
> - --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
>
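
Added example, not part of the original thread and not Suricata project code: the Python below parses the alert line quoted above, takes its sid, and looks that sid up in rules-file text, returning the rule with the comment lines directly above it and whether the rule is enabled. The rules text and the names `parse_fast_line` and `find_rule` are constructed for this illustration.

```python
import re

# fast.log layout: time [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src:port -> dst:port
FAST_RE = re.compile(
    r"^(?P<ts>\S+) \[\*\*\] \[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\] (?P<msg>.*?) \[\*\*\] "
    r"\[Classification: (?P<cls>.*?)\] \[Priority: (?P<prio>\d+)\] \{(?P<proto>[^}]+)\} "
    r"(?P<src>\S+):(?P<sport>\d+) -> (?P<dst>\S+):(?P<dport>\d+)$")
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")
ACTIONS = {"alert", "drop", "reject", "pass"}

# The alert quoted in the message above, re-joined onto one line.
SAMPLE_ALERT = ("06/29/2015-10:36:27.579051  [**] [1:2240001:1] SURICATA DNS "
                "Unsollicited response [**] [Classification: (null)] [Priority: 3] "
                "{UDP} 192.168.69.246:53 -> 192.168.69.109:42213")

# Constructed rules-file text for this demonstration; read your own files instead.
SAMPLE_RULES = """\
# Constructed sample, not copied from a shipped rules file.
# DNS response seen without a matching request.
alert dns any any -> any any (msg:"SURICATA DNS Unsollicited response"; flow:to_client; app-layer-event:dns.unsolicited_response; sid:2240001; rev:1;)

#alert dns any any -> any any (msg:"EXAMPLE disabled rule"; sid:9000001; rev:1;)
"""

def parse_fast_line(line):
    """Return the alert's fields as a dict, or None if the line is not an alert."""
    m = FAST_RE.match(" ".join(line.split()))  # collapse space runs and e-mail wraps
    if m is None:
        return None
    ints = ("gid", "sid", "rev", "prio", "sport", "dport")
    return {k: int(v) if k in ints else v for k, v in m.groupdict().items()}

def find_rule(sid, rules_text):
    """Return the rule with this sid, whether it is enabled, and the comments above it."""
    comments = []
    for raw in rules_text.splitlines():
        line = raw.strip()
        body = line.lstrip("#").strip()
        m = SID_RE.search(body)
        if m and body.split(" ", 1)[0] in ACTIONS:   # a rule, possibly commented out
            if int(m.group(1)) == sid:
                return {"rule": body, "enabled": not line.startswith("#"), "comments": comments}
            comments = []
        elif line.startswith("#"):                   # plain comment: keep for the next rule
            comments.append(body)
        else:                                        # blank line ends a comment block
            comments = []
    return None
```

To use it on a real sensor, pass `find_rule` the text of each file in the rule directory named in the suricata config.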

