Rules for Adware

["Darden, Patrick S." <darden () armc org>]

I've looked in the archives, and the rules directory, but haven't found an
Adware or Malware ruleset.  I'm talking about picking up traces of
keenvalue, 2020search, rcprograms, flowgo, etc.  I've been putting a ruleset
together that handles these, but I don't want to duplicate efforts.  If
someone already has a good/comprehensive ruleset that they don't mind making
public, I'm sure a lot of people would appreciate it.

If nobody has one, then I don't mind putting one together.  I already have
the above, and will continue to add to it as time goes by.  Send me your
rules for Adware/Malware and I will include them.  If you want a copy of my
ruleset, let me know--it's not very subtle, but it works.

--Patrick Darden
--darden () armc org
--Unix/Firewall/Security


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users