Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Replicating the Bleeding Rulesets

From: Matt Jonkman <jonkman () jonkmans com>
Date: Wed, 26 Dec 2007 11:01:37 -0500
In light of the unavailability and repeated outages of the old Bleeding
Threats site we're going to replicate that ruleset on the Emerging
Threats website. More info on the site: http://www.emergingthreats.net
 (we've just moved DNS, so you may have an old IP for a few more
minutes, refresh later if you get a placeholder page)

As most of you know I've moved over to Emerging Threats. We've been very
generously grant funded by the Army Research Office and the National
Science Foundation in order to explore some new technologies and enhance
the intelligence gathering and signature producing capabilities of the
open community. We're still ramping up the backend and building a
website. We'll be producing data within days!

As is explained on the site the intention in replicating is not to split
the ruleset, split the community, fork it, compete, whatever. What we do
intend to do is keep it available and get it back to it's previous rate
of updates and new sigs. Plain maintenance just isn't good enough for
this field.

Emerging threats is all about new intel gathering, higher quality rules,
many different output forms and languages, and more realtime blocking
focuses. The backend to make that possible is being built as we speak,
and will start producing very soon. We're very excited about the future
output, and our close partnership with cyber-ta is going to get us off
to a light-speed start!

More as it develops of course, but you can download the current bleeding
ruleset from us, and future updates as well.

Matt
-- 
--------------------------------------------
Matthew Jonkman
Emerging Threats
US Phone 765-429-0398
US Fax 312-264-0205
AUS Phone 61-42-4157-491
AUS Fax 61-29-4750-026
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: