Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort alert description

    Scheduled Pinned Locked Moved
    IDS/IPS
    1
    3
    649
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Joseph Watever J
      last edited by

      i have install snort ids/ips and i have activate ALL packages

      in alert section, i see :

      Attempted User Privilege Gain :(smtp) Attempted response buffer overflow: 529 chars
      Attempted Information Leak : (portscan) UDP Filtered Portscan
      Potentially Bad Traffic : ET SCAN Suspicious inbound to MSSQL port 1433

      any one can explain this ?

      1 Reply Last reply Reply Quote 0
      • J
        Joseph Watever J
        last edited by

        Misc activity : ET POLICY Signed TLS Certificate with md5WithRSAEncryption

        1 Reply Last reply Reply Quote 0
        • J
          Joseph Watever J
          last edited by

          Generic Protocol Command Decode : ET INFO Session Traversal Utilities for NAT (STUN Binding Response)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.