HI Pete,

We are running the older version, and get our updates about every 50-60 
minutes.  We're using GBUdb as a test in Declude, separately from Message 
Sniffer.

I'll look up the info on upgrading gracefully.  Hadn't had much time to do that 
previously.

Darin.


----- Original Message ----- 
From: Pete McNeil 
To: Message Sniffer Community 
Sent: Monday, March 12, 2012 6:22 PM
Subject: [sniffer] Re: FPs on Sniffer-Schemes


On 3/12/2012 5:41 PM, Darin Cox wrote: 
  Started getting hits at 4:30pm EST up to 15 minutes ago (5:25pm EST). 
I think I can see part of the problem (possibly).
I do not have telemetry from your system (based on looking up your Id from your 
domain). I suspect this means that you are running an older version of SNF. By 
extension, that would mean a couple of things:

* Your rulebase update would not come as quickly as for most systems.
* Your SNF engine won't match on many of the newer rules.
* Your SNF engine will not have GBUdb and also will not be able to auto-panic 
new rules that conflict with IP reputation data.

Am I right about these assumptions?
If not, then we should figure out why I don't see your telemetry.

Thanks,

_M


-- 
Pete McNeil
Chief Scientist
ARM Research Labs, LLC
www.armresearch.com
866-770-1044 x7010
twitter/codedweller 

#############################################################

This message is sent to you because you are subscribed to

  the mailing list <sniffer@sortmonster.com>.

This list is for discussing Message Sniffer,

Anti-spam, Anti-Malware, and related email topics.

For More information see http://www.armresearch.com

To unsubscribe, E-mail to: <sniffer-...@sortmonster.com>

To switch to the DIGEST mode, E-mail to <sniffer-dig...@sortmonster.com>

To switch to the INDEX mode, E-mail to <sniffer-in...@sortmonster.com>

Send administrative queries to  <sniffer-requ...@sortmonster.com>

Reply via email to