On 3/12/2012 5:41 PM, Darin Cox wrote:
Started getting hits at 4:30pm EST up to 15 minutes ago (5:25pm EST).I think I can see part of the problem (possibly). I do not have telemetry from your system (based on looking up your Id from your domain). I suspect this means that you are running an older version of SNF. By extension, that would mean a couple of things: * Your rulebase update would not come as quickly as for most systems. * Your SNF engine won't match on many of the newer rules. * Your SNF engine will not have GBUdb and also will not be able to auto-panic new rules that conflict with IP reputation data. Am I right about these assumptions? If not, then we should figure out why I don't see your telemetry. Thanks, _M -- Pete McNeil Chief Scientist ARM Research Labs, LLC www.armresearch.com 866-770-1044 x7010 twitter/codedweller ############################################################# This message is sent to you because you are subscribed to the mailing list <sniffer@sortmonster.com>. This list is for discussing Message Sniffer, Anti-spam, Anti-Malware, and related email topics. For More information see http://www.armresearch.com To unsubscribe, E-mail to: <sniffer-...@sortmonster.com> To switch to the DIGEST mode, E-mail to <sniffer-dig...@sortmonster.com> To switch to the INDEX mode, E-mail to <sniffer-in...@sortmonster.com> Send administrative queries to <sniffer-requ...@sortmonster.com> |
- [sniffer] Re: FPs on Sniffer-Schemes Darin Cox
- [sniffer] Re: FPs on Sniffer-Scheme... Pete McNeil
- [sniffer] Re: FPs on Sniffer-Scheme... Colbeck, Andrew
- [sniffer] Re: FPs on Sniffer-Scheme... Pete McNeil
- [sniffer] Re: FPs on Sniffer-Scheme... Pete McNeil
- [sniffer] Re: FPs on Sniffer-Scheme... Darin Cox
- [sniffer] Re: FPs on Sniffer-Scheme... Scott Fosseen [Prairie Lakes AEA]
- [sniffer] Re: FPs on Sniffer-Scheme... Pete McNeil