[sniffer] Re: False Positive - how to react?

2007-10-02 Thread Pete McNeil
Hello Stefan, Tuesday, October 2, 2007, 3:14:03 AM, you wrote: > Pete McNeil wrote: >> I will respond off list. > Did you try to contact me? Yes. > I didn't see anything from you. > If yes which e-mail address did you use? I used the address you used to post to the

[sniffer] Re: False Positive - how to react?

2007-09-26 Thread Pete McNeil
to be considered a "best practice". BUT - that is certainly not always the case and there are plenty of systems that do delete or reject messages instead. We do our best to handle all cases ;-) _M -- Pete McNeil Chief Scientist, Arm Re

[sniffer] Re: False Positive - how to react?

2007-09-26 Thread Pete McNeil
that happened. What you don't want to show is your authentication string. Treat that "like a password". When we see those exposed on the list we change them ;-) _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. ###

[sniffer] Re: False Positive - how to react?

2007-09-26 Thread Pete McNeil
ffer. >>> For the first (known) time I see Message Sniffer filter a valid mail. >>> What is the best way to handle stuff like this? >> >> Check out this page: >> http://kb.armresearch.com/index.php?title=Message_Sniffer

[sniffer] Re: Address

2007-09-24 Thread Pete McNeil
t's not done already is to set up proper SPF records for your domains. That will at least help others skip the malware using your addresses more easily. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is se

[sniffer] Re: Category idea

2007-09-24 Thread Pete McNeil
we're looking at creating as a product at this time. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe,

[sniffer] Re: FPs on 1573590

2007-09-21 Thread Pete McNeil
. Darin.     I've pulled the rule. _M --  Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: <[EMAIL PROTECTED]>

[sniffer] Re: Microsoft Exchange

2007-08-13 Thread Pete McNeil
nto IIS SMTP as a mail sink. However that can be challenging. What you are probably looking for in this case is ORF http://kb.armresearch.com/index.php?title=Message_Sniffer.Installation.ORF Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs,

[sniffer] Re: version

2007-08-10 Thread Pete McNeil
Jason -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: pricing

2007-08-09 Thread Pete McNeil
Also Pete, I don't think the plugin works with his version of MDaemon. I think you need Version 8 and up. Daniel From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Thursday, August 09, 2007 9:29 AM To: Message Sniffer Community Subject: [sniffer

[sniffer] Re: pricing

2007-08-09 Thread Pete McNeil
Hello Jason, Thursday, August 9, 2007, 2:24:51 AM, you wrote: > hi all may I know the pricing of message sniffer plugins for Mdaemon? is it a one time cost or depends on users? A subscription to the rulebase is $495 / year per server. Thanks, _M --  Pete McNeil Chief Scient

[sniffer] Re: working copy

2007-08-08 Thread Pete McNeil
arch.com/message-sniffer/forms/order-trial.jsp Hope this helps, Thanks! _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: New campaign not caught

2007-08-08 Thread Pete McNeil
nfidentiality, privilege or copyright.   From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Tuesday, August 07, 2007 2:44 PM To: Message Sniffer Community Subject: [sniffer] Re: New campaign not caught   Hello Scott,   We have been working on both and we'

[sniffer] Re: New campaign not caught

2007-08-07 Thread Pete McNeil
Although Farm Progress Companies has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments.   --  Pete McNeil Chief Scientist, Arm Research L

[sniffer] Re: Imail QueueMgr.exe consumes all Paged Pool

2007-08-03 Thread Pete McNeil
h very ordinary channels in very ordinary ways, so unless the OS decides to do something different with it you shouldn't see any special requirements. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Warning: eBay False Positives

2007-07-23 Thread Pete McNeil

[sniffer] Re: July 18

2007-07-18 Thread Pete McNeil
r patience and understanding! _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: After AutoSNF MessageSniffer stops working

2007-07-07 Thread Pete McNeil
.tst > :nevermind

[sniffer] Spam Storm - Watch for high traffic rates - ecard malware & new PDF variant

2007-07-03 Thread Pete McNeil
spam traffic with spikes well in excess of 300% Hope this info is helpful, Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: I'm confused

2007-06-30 Thread Pete McNeil
99-765-794-f > X-MessageSniffer-Result: 0 > If I'm reading this right, the message in question triggered two rules > with a score of "61" and two other rules with a score of "0". The "0" > trumps the "61"??? -- Pete McNeil Chief Scient

[sniffer] Greeting Malware Spike Graph

2007-06-29 Thread Pete McNeil
Hello Sniffer Folks, Vertical Wall Of Spam -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Spam storm -- Greeting card malware w/ numbered links.

2007-06-29 Thread Pete McNeil
Hello Sniffer Folks, The greeting card malware spam is being pushed right now with amazing bandwidth! This is the first 11000+ / hour spike we've seen in quite a while. Rules are in place for this, but be on the look out in case it hits you before your update is ready. _M -- Pete M

[sniffer] Re: .pdf Attachments

2007-06-28 Thread Pete McNeil
r example) into pdfs to make them more difficult to filter. That's it :-) _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Mdaemon Plug-in Update

2007-06-27 Thread Pete McNeil
cipate and comment. The command line version is also in late alpha testing on a similar variety of systems and both projects will continue to be developed in parallel. Hope this helps, Thanks! _M -- Pete McNeil Chief Scientist, Arm Research Lab

[sniffer] Re: After Updating MXGUARD

2007-06-27 Thread Pete McNeil
hat is done you can start things up again and everything should work normally. If not then the normal testing procedures should help you discover the problem quickly. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Rulebase Compiler Upgrade

2007-06-25 Thread Pete McNeil
Hello Sniffer Folks, We have just completed an upgrade to the rulebase compiler software. The new version is 20-50% more efficient - as a result, updates will be produced a bit more quickly and consistently. There is no need to make any changes on your systems. Thanks, _M -- Pete McNeil

[sniffer] Re: Dead Sniffer processes piling up.

2007-06-14 Thread Pete McNeil
-out nor Declude's attempt to kill them has been successful apparently. Thanks for the details on this. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Dead Sniffer processes piling up.

2007-06-14 Thread Pete McNeil
rt SMTP Also, presuming you have a persistent instance - make sure that is still running. If that had failed for some reason then you might be running now in peer-server mode which will be a bit slower than persistent mode. Hope this helps, _M --  Pete McNeil Chief Scientist, Arm Resea

[sniffer] Re: Error Messages since WeightGate

2007-06-09 Thread Pete McNeil
-- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: medical spam

2007-06-04 Thread Pete McNeil
undreds of variations of a campaign with only a handful of rules. Of course this prompts the blackhats to produce spam that is even more highly variable and delivered with more bandwidth. It's an arms race - no doubt about it. _M -- Pete McNeil Chief Sc

[sniffer] Re: Appriver issue

2007-05-19 Thread Pete McNeil
backspace keys never caught on. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Appriver issue

2007-05-19 Thread Pete McNeil
ural changes and new tools developed from this event; the investigation is ongoing; and additional system changes will be forthcoming to help make these kinds of events far less likely, and even to help harden subsystems against the effects of these events whether they are caused unintentionally (such a

[sniffer] Re: Appriver issue

2007-05-18 Thread Pete McNeil
guesses as to what happened there -- but if you're not using AppRiver then you shouldn't have been affected. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Appriver issue

2007-05-18 Thread Pete McNeil
de rulebase updates for SNF. Yesterday's events created a tremendous load on the network and that caused some packet loss that caused rulebase downloads to slow down for a time. For more about ARM see: http://www.armresearch.com/ Hope this helps, Thanks, _M -- Pete McNeil Chief Scientist, A

[sniffer] Re: Downloads are not working....

2007-05-17 Thread Pete McNeil
> to release it now. > This isn't good The good news is that the problem has been corrected now. We are still seeing some after-effects from it, but those should be gone before too long. _M -- Pete McNeil Chief Scientis

[sniffer] Re: Downloads are not working....

2007-05-17 Thread Pete McNeil
n the next 20 minutes or so. Our rulebase server is on the same network so it is affected. BTW - they did not take down their contact information. It is right where it always has been. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Downloads are not working....

2007-05-17 Thread Pete McNeil
elf is ok. The problem is on the network. I will provide new data as it arrives. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Downloads are not working....

2007-05-17 Thread Pete McNeil

[sniffer] Re: Spam

2007-05-14 Thread Pete McNeil
y 10 hour period. At the moment this family of campaigns appears to be contained, though we do continue to see new variations and train the system to recognize them and some predictable variants. * Today there have already been at least 2 new campaigns launched with extremely high bandwidth. Hope this

[sniffer] Re: Spam

2007-05-14 Thread Pete McNeil
usand new spam per hour. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Spam

2007-05-14 Thread Pete McNeil
Hello David, Monday, May 14, 2007, 2:59:16 AM, you wrote: Do not send spam to the sniffer@ list. Submit un-captured spam to [EMAIL PROTECTED], or preferably to a spam collection pop3 box on your system that can be picked up by our bots. Thanks! _M

[sniffer] Re: Spam

2007-05-13 Thread Pete McNeil

[sniffer] Re: Spam

2007-05-13 Thread Pete McNeil

[sniffer] Re: Spam Storm

2007-05-08 Thread Pete McNeil
you are seeing or is it something else? Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Bad rule alert - minor, but notable...

2007-05-01 Thread Pete McNeil
helps, Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: QUE Files in Sniffer directory

2007-04-21 Thread Pete McNeil
ami You can clear them also and everything should return to normal. Follow this procedure: Stop SMTP Wait for SNF to finish any messages. Stop SNF Delete any orphaned job files (.QUE, .XXX, .WRK, .ABT, .FIN, etc) Start SNF Start SMTP Hope this helps, _M --  Pete McNeil Chief Scientist,

[sniffer] Re: Fw: lot's of legit mailservsr in spamdatabases

2007-04-19 Thread Pete McNeil
port what it learns. If it sees a lot of spam then it will decide that the IP is not a good source and will act accordingly. If it sees primarily legitimate messages then it will decide that the IP is good. If it sees a mix then it most likely will decide not to decide. _M --

[sniffer] Re: Fw: lot's of legit mailservsr in spamdatabases

2007-04-19 Thread Pete McNeil
t should be tuned. Theory is nice, and current test data shows that the theory stands up very well -- but we're all about reliability here so I want to see how it works when we throw our "wild mix" of systems at it ;-) Hope this helps, _M --  Pete McNeil Chief Scienti

[sniffer] Next project: Updated SNF plugin for MDaemon - seeking input.

2007-04-18 Thread Pete McNeil
uestions or comments please do not hesitate to contact us either through our support@ address or on this list. Thanks! _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Anyone else getting hit hard today?

2007-04-15 Thread Pete McNeil
read, copy, distribute or otherwise act upon this email. If you have received the email in error,  please contact the sender immediately and delete the email. The unauthorized use of this email may result in liability for breach of confidentiality, privilege or copyright.   --  Pete M

[sniffer] Re: How to incorporate a white list?

2007-04-04 Thread Pete McNeil
e. Given the circumstances - disabling F001 appears to be the best choice. If conditions change then we can always reactivate the device. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: How to incorporate a white list?

2007-04-04 Thread Pete McNeil
The F001 bot will be disabled until further notice. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: How to incorporate a white list?

2007-04-03 Thread Pete McNeil
nt these events. For example, there is one mechanism where IPs that appear to be at risk are entered into the IP rule group as "nokens" (Excluded on entry) to prevent manual or automatic processes from creating black rules. As you point out, though,

[sniffer] Re: How to incorporate a white list?

2007-04-03 Thread Pete McNeil
Hello Andy, Tuesday, April 3, 2007, 9:36:17 AM, you wrote: > Hi Phil, > Yes, it seems as if some Sniffer rules, e.g., 1367683, is broadly targeting > Google's IPs. > I've submitted 3 false positive reports since last night, at least two of > them were Google users, one located in the U.S. and t

[sniffer] Re: How to incorporate a white list?

2007-04-03 Thread Pete McNeil
Hope this helps, Thanks! _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Blank Header Emails still getting Through

2007-03-29 Thread Pete McNeil
rt@ as an attachment. I will take a look at it. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Is this working?

2007-03-28 Thread Pete McNeil
-- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: assert! ?

2007-03-21 Thread Pete McNeil
Hello Jay, Wednesday, March 21, 2007, 1:08:35 AM, you wrote: > What's the status of Assert!? I see this mentioned in your Wiki in > August of 05, but it's "coming soon" on your web site? Assert! exists and was in production for a while, but we determined that it was not complete enough so we sh

[sniffer] Re: SPAM Storm?

2007-03-19 Thread Pete McNeil
he recent patterns. I'm sure it hit different systems in different ways. Images attached. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. snapshot20070319-48hr.png Description: PNG image snapshot20070319-30day.png Description: PNG image

[sniffer] Re: Merak integration problems

2007-03-12 Thread Pete McNeil
guk.net Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Files in Sniffer Directory

2007-03-08 Thread Pete McNeil
than a certain date automatically? For example, if the file date is older > than the current date minus [Insert Number of Days Here] days, it could > automatically remove it. > - Original Message - > From: "Pete McNeil" <[EMAIL PROTECTED]> > To: "Me

[sniffer] Re: Files in Sniffer Directory

2007-03-08 Thread Pete McNeil
e by increasing the number of active processes on the system. Also, the extra files slow down directory scanning and this can also reduce performance and bring the system closer to having a problem. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Uptick in spam

2007-02-26 Thread Pete McNeil
-- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Temp folder location

2007-02-12 Thread Pete McNeil
Hello Paul Rogers, Monday, February 12, 2007, 7:26:01 AM, you wrote: > Is there any way to change the location where sniffer drops its temp > files (other than moving the app files)? No. The current version of SNF uses a single directory for its workspace. Best, _M -- Pete M

[sniffer] Re: Lots of stock spam getting through

2007-02-05 Thread Pete McNeil
ch of these come through with a lot of bandwidth behind them... SNF should be catching them now (it is here). Chances are that some got through to you before your rulebase updated with the new rules. Let me know if you're still having a problem. Thanks, _M -- Pete McNeil Chief

[sniffer] Pictures worth a few words...

2007-01-16 Thread Pete McNeil
Note on the 48 hour graph that 20 hours ago the rates doubled (as if somebody "flipped a switch") and this does not appear to be a spike (It's not coming down). _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. 200701161031-48hour.png Description: PNG image 2007011610

[sniffer] Re: Lots of False Positives

2007-01-15 Thread Pete McNeil
procedure and we will get the rule adjusted or removed. These are rare - but they do happen. Please see the info on our rule-panic process: http://kb.armresearch.com/index.php?title=Message_Sniffer.FAQ.FalsePositives#Sniffer_is_suddenly_creating_a_lot_of_False_Positives._What_do_I_do.3F Hope this

[sniffer] Re: Checking Local Spam Mailbox

2007-01-15 Thread Pete McNeil
ly depending upon the amount of traffic in the system. For example, if the other boxes checked in the same loop have a lot of traffic then it may take some time for the bot to get to your box. When traffic is light then all boxes get checked very quickly. _M -- Pete McNeil Chief Scientist, Arm R

[sniffer] Re: FTP server / firewall issues - Resolved.

2007-01-05 Thread Pete McNeil
reason you are VERY likely to get a clear picture of why not. * On our side of the net it is a very easy, off-the-shelf, and conventional thing to scale up http services. Not so w/ FTP. Also, from a security point of view there is always only one hole to open in the firewall. Hope this helps, _M --

[sniffer] Re: FTP server / firewall issues - Resolved.

2007-01-05 Thread Pete McNeil
ou are getting I'll see if I can find a reason for the failure. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: FTP server / firewall issues - Resolved.

2007-01-05 Thread Pete McNeil
ble achieving the same results, and an analog of the same script is usable on *nix systems where wget and gzip are generally already installed. There are others of course. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Update rate increased by 16.6%.

2007-01-05 Thread Pete McNeil
you should also see less leakage and quicker responses to new mutations of spam. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] FTP server / firewall issues - Resolved.

2007-01-05 Thread Pete McNeil
safe bet that FTP access for SNF rulebase files will remain functional through the end of this month however. Thanks! _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Transition to new deliver server completed. Watch Out For The Minor Changes!

2007-01-05 Thread Pete McNeil
condition. Cleanly = stop smtp first, stop your persistent instance, Then (once no more messages are being processed) clean out any abandoned job files (.xxx, .que, .fin, .wrk, .err, .abt) then restart your persistent instance, then restart smtp. Hope this helps, Thanks, _M -- Pete McNeil Chi

[sniffer] Re: Transition to new deliver server completed. Watch Out For The Minor Changes!

2007-01-05 Thread Pete McNeil
e have the firewall issue cleared the tempftp host will go away. Sorry for the trouble. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Transition to new deliver server completed. Watch Out For The Minor Changes!

2007-01-04 Thread Pete McNeil
stment or else the script will fail to authenticate. As far as I can tell from watching the logs there are no other issues so far. Thanks to Matt Reimer for tracking this down and reporting the fix. Best, _M -- Pete McNeil Chief Scientis

[sniffer] Re: Upgrading SNF rulebase delivery servers.

2007-01-03 Thread Pete McNeil
Hello Filippo, Wednesday, January 3, 2007, 5:33:41 PM, you wrote: > Hello Pete, > I need any changes on my script file to download Sniffer Updates now? > Please let me know. No changes will be required. _M -- Pete McNeil Chief Scientist, Arm Research

[sniffer] Upgrading SNF rulebase delivery servers.

2007-01-03 Thread Pete McNeil
We will do what we can to minimize this possibility. Hope this helps, Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Rules for Large International ISPs

2006-12-28 Thread Pete McNeil
y the message in any way -- provided the FP is discovered and submitted within the storage window... This is all theoretical at the moment however and is likely to be bundled with message archiving and quarantine features that may obviate the need for such a thing... Thanks, _M -- Pete McNeil Ch

[sniffer] Re: Rules for Large International ISPs

2006-12-28 Thread Pete McNeil
s, of course, apply). It is inevitable that there will be a nonzero error rate - but that error rate is demonstrably small given our current process, and we are constantly researching and developing techniques to improve on that rate. Hope this helps, _M -- Pete McNeil

[sniffer] Re: Uploading problems

2006-12-12 Thread Pete McNeil

[sniffer] Re: Sniffer White List

2006-12-12 Thread Pete McNeil
r a zero result NOT to indicate a whitelist hit, but rather the absence of a black-rule hit. On some systems that have customized rulebases, local white rules _may_ be coded to a special result code so they can be extracted from the results, but this is not usually the case. Hope this helps, Thanks

[sniffer] Re: Stock spam

2006-12-12 Thread Pete McNeil
the only test to fire on image spams so it has become necessary to abandon that tactic in order to minimize leakage. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Uploading problems

2006-12-07 Thread Pete McNeil
You might try using PASV mode so you don't have to open up your firewall too much. I think that SFTP also works on this box though I've not tried it personally. We have approximately 130 systems uploading log files, so I'm sure the server side is working ok. _M -- Pete McNe

[sniffer] Re: Trouble with new BSD server

2006-12-05 Thread Pete McNeil
-- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Update Notifications Text Change.

2006-12-05 Thread Pete McNeil
pdate notifications you will want to revisit that mechanism to see that it still works. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Files that appeared in sniffer directory

2006-12-03 Thread Pete McNeil
Restart your SMTP processing. 7. Check your SNF log file for any errors. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Uploading problems

2006-12-03 Thread Pete McNeil
> Transmitted 27779584 bytes in 930.4 secs, (292.72 Kbps), transfer failed > ! Receive error: Blocking call cancelled -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Configuring Sniffer in declude....

2006-12-02 Thread Pete McNeil
h sniffer exit code I am checking? For example, 062, 063, etc. Thanks > again, > > Keith > > From: Message Sniffer Community on behalf of Pete McNeil > Sent: Fri 12/1/2006 11:37 AM > To: Message Sniffer Community > Subject: [sniff

[sniffer] Re: Configuring Sniffer in declude....

2006-12-01 Thread Pete McNeil
at's its only purpose. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Configuring Sniffer in declude....

2006-11-30 Thread Pete McNeil
but it is very lightweight and so I expect the cycles saved far outweigh those that are added. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Configuring Sniffer in declude....

2006-11-29 Thread Pete McNeil

[sniffer] Re: Version 2-3.5 Release -- Faster Engine

2006-11-15 Thread Pete McNeil
stfix http://kb.armresearch.com/index.php?title=Message_Sniffer.Installation.SpamAssassin Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: New web server

2006-11-14 Thread Pete McNeil
xtension of the page (pages should all now be .jsp) and please let us know so we can fix it. Thanks! k -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Persistant mode

2006-11-06 Thread Pete McNeil
ads itself and the rulebase every 10 minutes or so (unless that is changed in the .cfg file or the reload command is given at the command line). You don't need to do anything to get the new rulebase to be recognized. _M --  Pete McNeil Chief Scientist, Arm Research L

[sniffer] Re: Increase in spam

2006-10-25 Thread Pete McNeil
Hello Andrew, Wednesday, October 25, 2006, 1:33:20 PM, you wrote: > For another organization's graph of spam trends as received by them, > check out the updated graphs at TQM cubed: > http://tqmcube.com/tide.php > Their graph shows a sharp uptick at the end of June 2006. ...and a new upward tr

[sniffer] Re: Version 2-3.5 Release -- Faster Engine

2006-10-24 Thread Pete McNeil
our license ID (match your existing .exe). Copy the new .exe over the old .exe. Restart your persistent instance (if you have one). Start processing messages. Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Version 2-3.5 Release -- Faster Engine

2006-10-23 Thread Pete McNeil
Hello Alberto, Monday, October 23, 2006, 4:27:08 PM, you wrote: > Same method for Imail 2006.1 + MxGuard ?? Yes. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC.

[sniffer] Re: Version 2-3.5 Release -- Faster Engine

2006-10-23 Thread Pete McNeil
Hello Jacques, Monday, October 23, 2006, 3:25:52 PM, you wrote: > We are now using sniffer 2-3.5 on BSD. Did you have any trouble compiling that? Also, which version of BSD (for reference). Thanks, _M -- Pete McNeil Chief Scientist, Arm Research Labs,

[sniffer] Re: Version 2-3.5 Release -- Faster Engine

2006-10-23 Thread Pete McNeil
Hello Computer, Monday, October 23, 2006, 4:16:16 PM, you wrote: > Hi Jeff,   Be sure to stop the Sniffer services (Persistent) and the Declude services, then rename and replace the Sniffer EXE file, then restart the services. A much more complete answer :-) _M --  Pete McN
