Hi,
I don't know if this is the right place to post this question, but I try...
I am running Snort on my Linux station. The strange thing is that everytime I visit for example google I get an alert
05/24-15:37:26.969220 [**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**] {TCP} [My IP]:40190 -> [IP to google.com]:80
Does anyone know why I get this alert, and how can I get rid of this false alarms? I am not sure what http_inspect signatures check for...
/MrWhisp
