Snort mailing list archives

rules for Snort Inline


From: Risto Vaarandi <risto.vaarandi () seb ee>
Date: Mon, 04 Sep 2006 15:07:31 +0300

hi all,
I have had Snort running in IDS mode for some time, and would now like 
to deploy it in Inline mode for actually dropping malicious traffic. 
However, the Snort rules available at http://www.snort.org/rules/ have 
been configured to produce alerts only, and the user has to test each 
rule whether the 'drop', 'reject' or other such action would be suitable 
for his/her environment.
Since testing rules one by one involves a lot of time, I started to look 
for rule collections designed specifically for Snort Inline, and located 
the rulesets at BleedingSnort (http://www.bleedingsnort.com/rules/). My 
question is - are there any similar projects around for creating rules 
for Snort Inline?
I understand that for some rules it is difficult to verify that they 
don't block anything legitimate, yet there could be rules which almost 
never produce false positives. If someone has created a collection of 
such rules, I'd be thankful for the pointers.
br,
risto


