Snort mailing list archives
Re: VRT Domain name lists
From: snort user <snort.user () gmail com>
Date: Wed, 27 Jul 2011 14:56:04 -0400
In the roadmap ahead, will IP reputation remain purely IP or will be extended for domain names, or is it too early to say? Thanks On Tue, Jul 26, 2011 at 6:35 PM, Joel Esler <jesler () sourcefire com> wrote:
Snort 2.9.1 beta has an IP reputation preprocessor that is in development form. We are not publishing a "blacklist" for import into Snort at this time. I suggest a read of: http://vrt-blog.snort.org/2011/02/blacklistrules-clamav-and-data-mining.html Joel On Jul 26, 2011, at 6:23 PM, snort user wrote:http://labs.snort.org/iplists/ There are several lists of domain name (blacklists?) in the above repo. Is there a mechanism in snort to use this? Are there any other program that consumes this in order to detect malicious dns queries? Thanks ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
Current thread:
- VRT Domain name lists snort user (Jul 26)
- Re: VRT Domain name lists Joel Esler (Jul 26)
- Re: VRT Domain name lists snort user (Jul 27)
- Re: VRT Domain name lists Joel Esler (Jul 27)
- Re: VRT Domain name lists waldo kitty (Jul 31)
- Re: VRT Domain name lists snort user (Jul 27)
- Re: VRT Domain name lists Joel Esler (Jul 26)