Snort mailing list archives
Re: Rules question
From: Matt Kettler <mkettler () evi-inc com>
Date: Mon, 16 Sep 2002 12:19:17 -0400
The whitehats ruleset has not been maintained for a long time. If you examine the files you will see just how long it has been (some time in 2000 if I recall correctly)
Until the author of that ruleset is released from prison and resumes maintenance of the ruleset do not use it. Fortunately he's supposed to be released in mid October, but until that time comes, the ruleset is dead and only exists for academic interest purposes.
At 11:50 AM 9/16/2002 -0300, Pedro Tedeschi wrote:
Hi, How rules are most used/best: Whitehats or "Standard Rules" of snort page?Looking a whitehat rule, i'm really liked, but comparing with the standard rules, very rules are missing ... i need to know if the whitehat rules, are trust, or miss some rules and there are not recommendable to use.Cheers, Pedro Tedeschi
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rules question Pedro Tedeschi (Sep 16)
- Re: Rules question Matt Kettler (Sep 16)