Snort mailing list archives
Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05
From: infosec posts <infosec.posts () gmail com>
Date: Mon, 7 Jun 2010 08:41:28 -0500
Greetings, Unless I'm mistaken, there is not a "complete list of new and modified rules" available at the link referenced below. These bulletins used to list the SIDs/GIDs for the SO rules in the update package, like so: http://seclists.org/snort/2010/q2/668 More recent bulletins seem to have quit listing the SO rules in the update, and I haven't been able to find a changelog on the website that indicates what new SO rules should be in our update packages. For example, since this update only includes SO rules, the changelogs linked on the site are blank/empty (http://www.snort.org/vrt/docs/ruleset_changelogs/2_8_6_0/changes-2010-06-05.html). This makes it difficult to determine what the new rules are and verify that they have been deployed correctly. If this information is available somewhere, I'd be happy if someone could point me to it; otherwise, could Sourcefire resume listing SO rule SIDs/GIDs in these signature update bulletins, or in the changelogs on the webiste? On Sat, Jun 5, 2010 at 4:44 PM, Research <research () sourcefire com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sourcefire VRT Certified Snort Rules Update Synopsis: This release adds rules to the web-client category for 0-day attacks in multiple Adobe products. Details: The Sourcefire VRT has become aware of a 0-day vulnerability in multiple Adobe products. For a complete list of new and modified rules please see: http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2010-06-05.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFMCsUkQcQOxItLLaMRAlE9AJ9YkbREqvv83NB93XJron/3OJ6I0wCeOF9p q/3lG08MwBOI0HxyRyuGOaY= =ipeW -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs
------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs
Current thread:
- Sourcefire VRT Certified Snort Rules Update 2010-06-05 Research (Jun 05)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 infosec posts (Jun 07)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 Nigel Houghton (Jun 07)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 infosec posts (Jun 07)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 Nigel Houghton (Jun 07)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 L0rd Ch0de1m0rt (Jun 07)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 Nigel Houghton (Jun 07)
- Re: Sourcefire VRT Certified Snort Rules Update 2010-06-05 infosec posts (Jun 07)