On 3/13/2012 11:19 AM, Scott Fosseen [Prairie Lakes AEA] wrote:
Can you check to see if all looks ok with
my copy as well.
Sure. I'll respond off-list
_M
--
Pete McNeil
Chief Scientist
ARM Research Labs, LLC
www.armresearch.com
866-770-1044 x7010
twitter/co
PM
Subject: [sniffer] Re: FPs on Sniffer-Schemes
On 3/12/2012 5:41 PM, Darin Cox wrote:
Started getting hits at 4:30pm EST up to 15 minutes ago (5:25pm EST).
I think I can see part of the problem (possibly).
I do not have telemetry from your system (based on looking up your Id from your
riginal Message -
From: Pete McNeil
To: Message Sniffer Community
Sent: Monday, March 12, 2012 6:22 PM
Subject: [sniffer] Re: FPs on Sniffer-Schemes
On 3/12/2012 5:41 PM, Darin Cox wrote:
Started getting hits at 4:30pm EST up to 15 minutes ago (5:25pm EST).
I think I can see part of the pr
On 3/12/2012 5:41 PM, Darin Cox wrote:
Started getting hits at 4:30pm EST up to
15 minutes ago (5:25pm EST).
I think I can see part of the problem (possibly).
I do not have telemetry from your system (based on looking up your
Id from your domain). I suspect this
On 3/12/2012 5:41 PM, Darin Cox wrote:
Started getting hits at 4:30pm EST up to
15 minutes ago (5:25pm EST). Not sure if the rule has been
pulled or corrected yet.
It was corrected nearly as soon as it was created. It did escape
into some rulebases - we saw t
: Monday, March 12, 2012 3:08 PM
To: Message Sniffer Community
Subject: [sniffer] Re: FPs on Sniffer-Schemes
On 3/12/2012 5:17 PM, Darin Cox wrote:
Hi Pete,
We're seeing a ton of FPs on a Sniffer-Schemes rule # 4764784.
That rule was detected as an error and re
On 3/12/2012 5:17 PM, Darin Cox wrote:
Hi Pete,
We're seeing a ton of FPs on a
Sniffer-Schemes rule # 4764784.
That rule was detected as an error and removed almost immediately
after it was created.
You should
More info...
Started getting hits at 4:30pm EST up to 15 minutes ago (5:25pm EST). Not sure
if the rule has been pulled or corrected yet.
Had 383 hits, and a very high percentage of those were FPs. Don't have an
exact number, due to having to release the messages quickly for delivery, but I