Snort mailing list archives

Signature names

From: "Mike Macias" <mike.macias () caci-nsg com>
Date: Tue, 23 Apr 2002 21:00:39 -0400

Is there any work being done to shorten/standardize snort sig names?
The current sig names are unwieldy and they make programming tools(command line) for analysis difficult.
I'm currently making tools that will, among other things, allow you to query a db looking for matching sig names:

snort_tool -s <sig_name>

However, when it comes to some of the snort sig names:

snort_tool -s "WEB-MISC technote main.cgi file directory traversal attempt"

I can imagine an analyst pulling his/her hair out typing this in.

Thanks,
Mike

Current thread:

Signature names Mike Macias (Apr 23)
- Re: Signature names Andrew R. Baker (Apr 23)
- <Possible follow-ups>
- RE: Signature names Redman, Ken (Apr 24)