[Snort-users] Strange..

This is a multi-part message in MIME format.

------_=_NextPart_001_01C52C06.AB8F3CB9
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

Hey, Ever since they shut down the direct snort lookup from ACID my life
has sucked.... Anyway, I am getting LOTS of these errors.
(spp_stream4) possible EVASIVE RST detection
=20
Are they normal *(We are an ASP, so people hit our database via the
website all day long)* and if so where would this rule be soI can
comment it out?
=20
Thanks!
=20
=20
(Also how can I fix the ACID rule lookup?)
=20
Thaks
=20
Marc Hering
Manager of Network Operations
Reval
100 Broadway 22nd Floor
New York, NY 10005
Direct: 212-901-9710
Fax: 212-901-9797
www.reval.com <http://www.reval.com/>=20
=20

------_=_NextPart_001_01C52C06.AB8F3CB9
Content-Type: text/html;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<META content=3D"MSHTML 6.00.2800.1491" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial size=3D2>Hey, =
Ever since they=20
shut down the direct snort lookup from&nbsp;ACID&nbsp;my life has=20
sucked....&nbsp; Anyway, I am getting LOTS of these errors.&nbsp; <FONT=20
face=3D"Times New Roman" size=3D3>(spp_stream4) possible EVASIVE RST=20
detection</FONT></FONT></SPAN></DIV>
<DIV><SPAN class=3D193330422-18032005></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial size=3D2>Are =
they normal *(We=20
are an ASP, so people hit our database via the website all day =
long)*&nbsp; and=20
if so where would this rule be soI can comment it =
out?</FONT></SPAN></DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial=20
size=3D2>Thanks!</FONT></SPAN></DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial size=3D2>(Also =
how can I fix=20
the ACID rule lookup?)</FONT></SPAN></DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D193330422-18032005><FONT face=3DArial=20
size=3D2>Thaks</FONT></SPAN></DIV>
<DIV>&nbsp;</DIV>
<DIV align=3Dleft>
<DIV align=3Dleft><FONT size=3D4>Marc Hering</FONT></DIV>
<DIV align=3Dleft><FONT size=3D4>Manager of Network =
Operations</FONT></DIV>
<DIV align=3Dleft><FONT color=3D#800000 size=3D4>Reval</FONT></DIV>
<DIV align=3Dleft><FONT size=3D4>100 Broadway 22nd Floor</FONT></DIV>
<DIV align=3Dleft><FONT size=3D4>New York, NY 10005</FONT></DIV>
<DIV align=3Dleft><FONT size=3D4>Direct: 212-901-9710</FONT></DIV>
<DIV align=3Dleft><FONT size=3D4>Fax: 212-901-9797</FONT></DIV>
<DIV align=3Dleft><A title=3Dhttp://www.reval.com/=20
href=3D"http://www.reval.com/"><FONT title=3Dhttp://www.reval.com/=20
size=3D4>www.reval.com</FONT></A></DIV></DIV>
<DIV>&nbsp;</DIV></BODY></HTML>

------_=_NextPart_001_01C52C06.AB8F3CB9--


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users