Undeliverable:Re: [Snort-users] barnyard (fwd)

This is a discussion on Undeliverable:Re: [Snort-users] barnyard (fwd) within the Snort forums, part of the System Security and Security Related category; --==========29CFE05B3F3D16588450========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline This address has ...


Go Back   Usenet Forums > System Security and Security Related > Snort

Reload this Page Undeliverable:Re: [Snort-users] barnyard (fwd)

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 01-28-2006
Paul Schmehl
 
Posts: n/a
Default Undeliverable:Re: [Snort-users] barnyard (fwd)
--==========29CFE05B3F3D16588450==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

This address has been bouncing for well over a year. Do the administrators
of this list think it might be possible to purge the address from the list?

------------ Forwarded Message ------------
Date: January 27, 2006 10:49:02 PM -0600
From: System Administrator <postmaster@utdevs08.utdallas.edu>
To: "Schmehl, Paul L" <pauls@utdallas.edu>
Subject: Undeliverable:Re: [Snort-users] barnyard

Your message

To: Brian Krusic; snort-users@lists.sourceforge.net
Subject: Re: [Snort-users] barnyard
Sent: Fri, 27 Jan 2006 22:21:16 -0600

did not reach the following recipient(s):

anjah@imedia.fr on Fri, 27 Jan 2006 22:26:51 -0600
The e-mail account does not exist at the organization this message
was sent to. Check the e-mail address, or contact the recipient
directly to find out the correct address.
<imedia-hvj182q6.imedia.net #5.1.1>

---------- End Forwarded Message ----------



Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
--==========29CFE05B3F3D16588450==========
Content-Type: message/rfc822;
name="Undeliverable:Re: [Snort-users] barnyard"

X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Received: from iq1.utdallas.edu ([10.110.10.12]) by UTDEVS08.campus.ad.utdallas.edu with Microsoft SMTPSVC(6.0.3790.211); Fri, 27 Jan 2006 22:49:01 -0600
MIME-Version: 1.0
Content-Type: multipart/report;
report-type=delivery-status;
boundary="----_=_NextPart_001_01C623C6.28B73B0B"
Received: from localhost (mf2-pmn.utdallas.edu [192.168.1.14]) by iq1.utdallas.edu (Postfix) with ESMTP id AED0346E2 for <pauls@utdallas.edu>; Fri, 27 Jan 2006 22:49:01 -0600 (CST)
Received: from mx2.utdallas.edu ([129.110.10.17]) by localhost (mf2.utdallas.edu [10.110.10.14]) (amavisd-new, port 10024) with LMTP id 06140-01-65 for <pauls@utdallas.edu>; Fri, 27 Jan 2006 22:48:59 -0600 (CST)
Received: from caine.easynet.fr (smarthost172.mail.easynet.fr [212.180.1.172]) by mx2.utdallas.edu (Postfix) with ESMTP id 2B60A342E for <pauls@utdallas.edu>; Fri, 27 Jan 2006 22:48:59 -0600 (CST)
Received: from imedia008306-2.clients.easynet.fr ([195.114.86.66] helo=imedia-hvj182q6.imedia.net) by caine.easynet.fr with esmtp (Exim 4.50) id 1F2hdp-00028O-1z for pauls@utdallas.edu; Sat, 28 Jan 2006 05:24:49 +0100
X-Greylist: delayed 1452 seconds by postgrey-1.21 at mx2; Fri, 27 Jan 2006 22:48:59 CST
X-DSNContext: 335a7efd - 4523 - 00000001 - 80040546
X-Virus-Scanned: amavisd-new at utdallas.edu
X-Spam-Status: No, score=4.197 tagged_above=1 required=8 tests=[BAD_ENC_HEADER=3.1, BAYES_50=0.001, FORGED_RCVD_HELO=0.135, NO_REAL_NAME=0.961, SUBJECT_EXCESS_QP=0]
X-Spam-Score: 4.197
X-Spam-Level: ****
Return-Path: <>
X-OriginalArrivalTime: 28 Jan 2006 04:49:01.0898 (UTC) FILETIME=[28A422A0:01C623C6]
Content-class: urn:content-classes:dsn
Subject: Undeliverable:Re: [Snort-users] barnyard
Date: Fri, 27 Jan 2006 22:49:02 -0600
Message-ID: <R0rmTIVvL00000db5@imedia-hvj182q6.imedia.net>
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
Thread-Topic: [Snort-users] barnyard
Thread-Index: AcYjxii0U+9wxwWnSWyNJpbB1DG1LAAAAACO
From: "System Administrator" <postmaster@utdevs08.utdallas.edu>
To: "Schmehl, Paul L" <pauls@utdallas.edu>

This is a multi-part message in MIME format.

------_=_NextPart_001_01C623C6.28B73B0B
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Your message

To: Brian Krusic; snort-users@lists.sourceforge.net
Subject: Re: [Snort-users] barnyard
Sent: Fri, 27 Jan 2006 22:21:16 -0600

did not reach the following recipient(s):

anjah@imedia.fr on Fri, 27 Jan 2006 22:26:51 -0600
The e-mail account does not exist at the organization this message
was sent to. Check the e-mail address, or contact the recipient
directly to find out the correct address.
<imedia-hvj182q6.imedia.net #5.1.1>

------_=_NextPart_001_01C623C6.28B73B0B
Content-Type: message/delivery-status
Content-Transfer-Encoding: 7bit

Reporting-MTA: dns; UTDEVS08.campus.ad.utdallas.edu

Final-Recipient: RFC822; anjah@imedia.fr
Action: failed
Status: 5.1.1
X-Supplementary-Info: <imedia-hvj182q6.imedia.net #5.1.1>
X-Display-Name: anjah@imedia.fr

------_=_NextPart_001_01C623C6.28B73B0B
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit

X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Received: by UTDEVS08.campus.ad.utdallas.edu
id <01C623C3.0EC4A100@UTDEVS08.campus.ad.utdallas.edu >; Fri, 27 Jan 2006 22:26:50 -0600
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_002_01C623C3.0EC4A100"
Content-class: urn:content-classes:message
Subject: Re: [Snort-users] barnyard
Date: Fri, 27 Jan 2006 22:21:16 -0600
Message-ID: <01A667BDD18F1F97A655A8DE@Paul-Schmehls-Computer.local>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Snort-users] barnyard
Thread-Index: AcYjxii0U+9wxwWnSWyNJpbB1DG1LA==
List-Help: <mailto:snort-users-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>, <mailto:snort-users-request@lists.sourceforge.net?subject=subscribe>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>, <mailto:snort-users-request@lists.sourceforge.net?subject=unsubscribe>
From: "Schmehl, Paul L" <pauls@utdallas.edu>
To: "Brian Krusic" <brian@krusic.com>,
<snort-users@lists.sourceforge.net>
Reply-To: "Schmehl, Paul L" <pauls@utdallas.edu>

This is a multi-part message in MIME format.

------_=_NextPart_002_01C623C3.0EC4A100
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

--On January 27, 2006 4:47:14 PM -0800 Brian Krusic <brian@krusic.com>=20
wrote:
>
> My command line;
>
> barnard -c /usr/local/barnyard/etc/barnyard.conf -d /var/log/snort -g
> /usr/local/snort/etc/gen-msg.map -s /usr/local/snort/etc/sid-msg.map =
-f
> snort.alert
>
You can run barnyard with this:
barnyard -c /path/to/conffile -d /path/to/logdir -f logfilename

If you do this in the barnyard.conf file
config sid-msg-map: /path/to/sid-msg.map
config gen-msg=3Dmap: /path/to/gen-msg.map
config class-file: /path/to/classification.config

This is not in the docs, but it is in the source code. (I'm the FreeBSD =

port maintainer for barnyard.)

Barnyard can output directly to a text file, to a pcap file, to a =
database=20
(mysql or postgresql) or to sguil.

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log =
files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=...230486&dat=3D=
121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...=3Dsnort-users


------_=_NextPart_002_01C623C3.0EC4A100
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.5.7226.0">
<TITLE>Re: [Snort-users] barnyard</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->

<P><FONT SIZE=3D2>--On January 27, 2006 4:47:14 PM -0800 Brian Krusic =
&lt;brian@krusic.com&gt;<BR>
wrote:<BR>
&gt;<BR>
&gt; My command line;<BR>
&gt;<BR>
&gt; barnard -c /usr/local/barnyard/etc/barnyard.conf -d /var/log/snort =
-g<BR>
&gt; /usr/local/snort/etc/gen-msg.map -s =
/usr/local/snort/etc/sid-msg.map -f<BR>
&gt; snort.alert<BR>
&gt;<BR>
You can run barnyard with this:<BR>
barnyard -c /path/to/conffile -d /path/to/logdir -f logfilename<BR>
<BR>
If you do this in the barnyard.conf file<BR>
config sid-msg-map: /path/to/sid-msg.map<BR>
config gen-msg=3Dmap: /path/to/gen-msg.map<BR>
config class-file: /path/to/classification.config<BR>
<BR>
This is not in the docs, but it is in the source code.&nbsp; (I'm the =
FreeBSD<BR>
port maintainer for barnyard.)<BR>
<BR>
Barnyard can output directly to a text file, to a pcap file, to a =
database<BR>
(mysql or postgresql) or to sguil.<BR>
<BR>
Paul Schmehl (pauls@utdallas.edu)<BR>
Adjunct Information Security Officer<BR>
University of Texas at Dallas<BR>
AVIEN Founding Member<BR>
<A HREF=3D"http://www.utdallas.edu/">http://www.utdallas.edu/</A><BR>
<BR>
<BR>
-------------------------------------------------------<BR>
This SF.net email is sponsored by: Splunk Inc. Do you grep through log =
files<BR>
for problems?&nbsp; Stop!&nbsp; Download the new AJAX search engine that =
makes<BR>
searching your log files as easy as surfing the&nbsp; web.&nbsp; =
DOWNLOAD SPLUNK!<BR>
<A =
HREF=3D"http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D103432&bid=3D2304=
86&dat=3D121642">http://sel.as-us.falkag.net/sel?cmd=...id=3D103432&b=
id=3D230486&dat=3D121642</A><BR>
_______________________________________________<BR >
Snort-users mailing list<BR>
Snort-users@lists.sourceforge.net<BR>
Go to this URL to change user options or unsubscribe:<BR>
<A =
HREF=3D"https://lists.sourceforge.net/lists/listinfo/snort-users">https:/=
/lists.sourceforge.net/lists/listinfo/snort-users</A><BR>
Snort-users list archive:<BR>
<A =
HREF=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users">http:=
//www.geocrawler.com/redir-sf.php3?list=3Dsnort-users</A><BR>
<BR>
</FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_002_01C623C3.0EC4A100--

------_=_NextPart_001_01C623C6.28B73B0B--

--==========29CFE05B3F3D16588450==========--



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=...486&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 02:55 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0