Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snort classification Question

From: Joel Esler <jesler () sourcefire com>
Date: Tue, 21 Aug 2012 18:20:33 -0400
So, to be clear, you want me to explain all the rules to you?


On Aug 21, 2012, at 3:16 PM, mohamad hosein jafari <smhjafari68 () gmail com> wrote:



You'd have to look in the rules themselves for what rules use this classification.  For instance, 
non-standard-protocol, actually only has one rule that uses it.
 
The classifications are assigned by the VRT member who writes the rule, and then when it's published it's reviewed to 
see if that makes sense.

 
yes I want the things that you said . But where can I find this? In other words where rule writers put their 
classification's explain on?
Also I want some explain about ALL snort alerts consist : Type , mechanism , effect And its resource .

I have these two question . And I want reference for these. Can you help me?

Thanks



------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: