Snort mailing list archives
Re: Import ET into Sourcefire DC
From: Matthew Jonkman <jonkman () emergingthreatspro com>
Date: Mon, 17 Jan 2011 08:24:32 -0500
I'd love to see this on the list of we can. We have a number of customers that do, and a lot of open ruleset users that want to, but there's never been much discussion of how to do so. No one likes a security product that eliminates flexibility, more info here would be good for all I think. I'll even make sure we get it documented somewhere public! Matt On Jan 17, 2011, at 8:17 AM, Joel Esler wrote:
On Jan 17, 2011, at 8:00 AM, Gregory Zill wrote:Possibly a little off-topic, but I was wondering if anyone uses ET rules on a Sourcefire Defense Center? The rules need to be reformatted somewhat before accepted into the DC for use on SF sensors. I appreciate any information out there.We know of a couple customers that do. If you'd like to write me off-list, I can help you with this. -- Joel Esler jesler () sourcefire com http://blog.snort.org && http://blog.clamav.net ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
---------------------------------------------------- Matthew Jonkman Emergingthreats.net Emerging Threats Pro Open Information Security Foundation (OISF) Phone 765-807-8630 Fax 312-264-0205 http://www.emergingthreatspro.com http://www.openinfosecfoundation.org ---------------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Import ET into Sourcefire DC Gregory Zill (Jan 17)
- Re: Import ET into Sourcefire DC Joel Esler (Jan 17)
- Re: Import ET into Sourcefire DC Matthew Jonkman (Jan 17)
- Re: Import ET into Sourcefire DC Joel Esler (Jan 17)
- Re: Import ET into Sourcefire DC Matthew Jonkman (Jan 17)
- Re: Import ET into Sourcefire DC Joel Esler (Jan 17)
- Re: Import ET into Sourcefire DC Matthew Jonkman (Jan 17)
- Re: Import ET into Sourcefire DC Matthew Jonkman (Jan 17)
- Re: Import ET into Sourcefire DC Joel Esler (Jan 17)