Snort mailing list archives
Re: VRT Rule Search is Back on Snort.org
From: Nigel Houghton <nhoughton () sourcefire com>
Date: Wed, 4 Nov 2009 13:41:19 -0500
On Wed, Nov 4, 2009 at 12:39 PM, Alex Kirk <akirk () sourcefire com> wrote:
If you have false positive, send it in to research () sourcefire com. The VRT monitors that list and will respond to submissions there. On Wed, Nov 4, 2009 at 12:29 PM, Jefferson, Shawn <Shawn.Jefferson () bcferries com> wrote:Can you provide a mechanism for us to submit false positive information via this interface somehow? ________________________________ From: Mike Guiterman [mailto:mguiterman () sourcefire com] Sent: Wednesday, November 04, 2009 9:15 AM To: Snort Users List; snort-sigs () lists sourceforge net Subject: [Snort-users] VRT Rule Search is Back on Snort.org Hi everyone, The updated VRT Rule Search feature is now live on Snort.org. Check it out at: http://snort.org/search. Full text search supports the following: Single keyword or SID search (ex – ‘windows’, ‘mysql’, ‘linux’) Multiple keyword search (ex – ‘windows 2000’, ‘mysql 4.10’) Multiple keyword search with terms joined by the AND, OR, and NOT boolean operators (ex – ‘windows AND 2000 NOT xp’) You can also search by rule fields to narrow your search results. The available fields are: keyword cve bugtraq sid See the search instructions at: http://snort.org/rule-search-instructions for more information on using the enhanced search capabilities. For those of you using BASE, keep an eye out for an upcoming release. Kevin and the BASE team will be updating the direct links back to Snort.org for rules documentation. Finally, the next enhancement will be to add the ability to search by Microsoft advisory number. We'll make an announcement when that feature is enabled. We'd love your feedback, please email any comments or enhancement requests to snort-site () sourcefire com. Our web developers monitor this list. Have a great day! Mike ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- Alex Kirk AEGIS Program Lead Sourcefire Vulnerability Research Team +1-410-423-1937 alex.kirk () sourcefire com ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
BEFORE submitting any false positive reports, read this page: http://www.snort.org/snort-rules/submit-a-false-positive The correct email address and the information required is listed on that page. -- Nigel Houghton Head Mentalist SF VRT http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/ ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- VRT Rule Search is Back on Snort.org Mike Guiterman (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Jefferson, Shawn (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Alex Kirk (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Nigel Houghton (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Alex Kirk (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Jefferson, Shawn (Nov 04)