Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Reliability of signatures

From: Michael Scheidell <michael.scheidell () secnap com>
Date: Fri, 4 Feb 2011 11:56:05 -0500
On 2/4/11 11:51 AM, Martin Holste wrote:

investigations.  I want to be sure those rules are included in my
ruleset.  Obviously, all submissions would have to be anonymous.  IP's
would be nice, but then there's a chance someone could mess up src/dst
IP and accidentally de-anonymize themselves.


look at dshield and mynetwatchman for examples of the ip reputation.



--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation

   * Certified SNORT Integrator
   * 2008-9 Hot Company Award Winner, World Executive Alliance
   * Five-Star Partner Program 2009, VARBusiness
   * Best in Email Security,2010: Network Products Guide
   * King of Spam Filters, SC Magazine 2008


______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ 
______________________________________________________________________  
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world? 
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: