[Oisf-users] Problem with understanding app-layer-events.rules
Cooper F. Nelson
cnelson at ucsd.edu
Mon Jan 25 18:02:28 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When we saw problems like this it turned out to be an issue with our
capture mechanism only forwarding traffic in a single directions from
certain vlans.
- -Coop
On 1/25/2016 6:44 AM, Evgeniy Danilenko wrote:
> Hello Guys!
>
> In my installation of suricata, i have a lot of alerts like:
>
> - SURICATA Applayer Mismatch protocol both directions;
> - Wrong direction first Data;
>
> and especially:
>
> - Detect protocol only one direction;
>
> What does they mean? Do i have some problem with installed services?
>
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBAgAGBQJWpmM0AAoJEKIFRYQsa8FWBe0H/2suhKK2/EYcU/9GjDwy3yk6
qEVmhGDGnXH0mNTbgR7w9Y0FwSijWec1YG/EnQFbOZ9lI2WSFGEGzjUOqL9ZUvtk
4bdJuUCCREHxNeFN4syqfNhMNrwaCk9Lf+FIRDqGkKK3eD5kFLAIBVMPlHLnDsmt
oz9N0Vl9FwD3m1LxNfnezBzm2AokfF/p6sI+bM6N/HHU1ltnSScMTCPnVmOpdsS/
hBU3pppIFPhpimV4UNSQ3aakSJjr1k6QtSAEn+ZNar36IpXTyETzBSjsy5/Owdhf
GhwqN1LUTDZzAz43PAvAv5HjZJIT+umzVkCVW9S13ZuwvCrn3X6WXUJbA5yij/Y=
=8bsa
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list