Snort mailing list archives

Re: Wacky Idea Re: OpenAppID


From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 7 Jul 2014 12:27:41 +0000

On Jul 6, 2014, at 10:39 PM, Randal T. Rioux <randy () procyonlabs com> wrote:

No, I haven't used it yet. But I love the concept, and will soon! ;-)

My question is dependent on this: Is the "rule" set available separately
from the detector engine? This assumes I read the intro right about how
it works.

Yes.  The ruleset is available separately.


If so, can we cram this set of OpenAppID rules into a Palo Alto box?

No, and I may throw something at you.

C'mon. You know you want to do it. My guess is they are different
formats. But it's worth checking into.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team
