Re: Looking for Archived Snort Community Rules

["Joel Esler (jesler)" <jesler () cisco com>]

That is correct.  Our rulesets are always additive.


--
Joel Esler
Manager, Talos Group




> On Jun 14, 2016, at 2:25 PM, Y M <snort () outlook com> wrote:
>
> I am willing to say that the current community ruleset contains "all" community contributed signatures. I am basing 
> this statement just by simply looking at sid numbers and how they fit with the general numbering of sids released. 
> Keep in mind that the community ruleset contains the rules that have been QA'ed by VRT/TALOS and not necessarily 
> "all" community contributed rules. I am not sure how this would skew your dataset/results.
>
> Perhaps someone else can provide a more accurate answer than mine as it is merely speculative.
>
> YM
>
> Sent from Mobile
>
>
>
>
> On Tue, Jun 14, 2016 at 9:13 PM +0300, "Jose David Mireles" <jose.david.mireles () gmail com 
> <mailto:jose.david.mireles () gmail com>> wrote:
>
> Hello, I’m a computer science graduate student and am conducting research on snort community rules effectiveness over 
> time.  Would someone please tell me how I can get a hold of older versions of the community rule?
>
> Thank you,
>
> Jose Mireles
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> patterns at an interface-level. Reveals which users, apps, and protocols are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity planning
> reports. http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381 
> <http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381>
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs <https://lists.sourceforge.net/lists/listinfo/snort-sigs>
> http://www.snort.org <http://www.snort.org/>
>
>
> Please visit http://blog.snort.org <http://blog.snort.org/> for the latest news about Snort!
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> patterns at an interface-level. Reveals which users, apps, and protocols are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity planning
> reports. 
> http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381_______________________________________________ 
> <http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381_______________________________________________>
> Snort-sigs mailing list
> Snort-sigs () lists sourceforge net <mailto:Snort-sigs () lists sourceforge net>
> https://lists.sourceforge.net/lists/listinfo/snort-sigs <https://lists.sourceforge.net/lists/listinfo/snort-sigs>
> http://www.snort.org <http://www.snort.org/>
>
>
> Please visit http://blog.snort.org <http://blog.snort.org/> for the latest news about Snort!

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!