Snort mailing list archives
Re: specific-threats file messed up?
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 15 Sep 2010 18:50:42 -0400
We'll take a look. Thanks. J On Wed, Sep 15, 2010 at 5:57 PM, waldo kitty <wkitty42 () windstream net>wrote:
just noticing the thread about specific-threats.rules so i took a peek at mine and the first thing i note is that it seems to be "broken"... "broken" in that there are 6 rules listed /ABOVE/ the copyright boilerplate text... specific-threats.rules 1:1900:12 1:1901:13 1:1810:15 1:1811:13 1:16287:3 1:12202:3 so i took a peek at all the VRT rules files and found more that are skagged in this same manner of rules listed above the copyright boilerplate... botnet-cnc.rules 1:10403:6 1:13953:4 1:10114:7 1:9418:9 1:10113:7 1:15297:3 1:15296:4 1:15295:4 1:15423:3 1:15481:7 1:15553:4 1:15730:4 1:15938:4 1:16297:3 1:16299:3 1:16298:3 1:16302:3 1:16303:3 1:16304:3 1:16368:3 1:16391:5 1:16441:4 1:16442:3 1:16440:6 1:16439:3 1:16459:5 1:16485:6 1:16484:6 1:16483:4 1:16527:4 1:16528:4 1:16526:3 exploit.rules 1:15490:2 1:15906:3 1:15907:3 oracle.rules 1:3532:7 1:3630:7 1:3631:7 policy.rules 1:490:8 1:493:7 rpc.rules 1:12458:4 telnet.rules 1:492:11 1:718:10 voip.rules 1:12359:5 web-misc.rules 1:976:15 scada.rules and web-activex.rules don't even have a copyright boilerplate section in them! granted, these rules being there doesn't hurt anything due to the format of the rules files but still... sumptin' ain't right in the land of gosh'n... ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- specific-threats file messed up? waldo kitty (Sep 15)
- Re: specific-threats file messed up? Patrick Mullen (Sep 15)
- Re: specific-threats file messed up? waldo kitty (Sep 15)
- Re: specific-threats file messed up? Joel Esler (Sep 15)
- Re: specific-threats file messed up? Patrick Mullen (Sep 15)