Snort mailing list archives
Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?
From: Jason Brvenik <jason () sourcefire com>
Date: Sun, 20 Mar 2011 01:39:42 -0400
On Sat, Mar 19, 2011 at 10:35 PM, evilghost () packetmail net <evilghost () packetmail net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Jason, On 03/19/11 21:19, Jason Brvenik wrote:Malware is a problem and we spent good money on a solution that approaches the problem in a way that can be successful without being continually in a signature rat race. Feel free to ask any questions about the approach after you have given Immunet a try - http://www.immunet.com/main/index.htmlLooks like this is Win32 only? http://www.immunet.com/plus/requirements/index.html
Yes, the focus in on the area where the problem is most prevalent.
What's the future hold for the emerging threats since we're seeing an evolution in malware around the Android "platform", OS X, etc? Very eager to hear the roadmap if you're willing to share. I still don't think it's fair to say malware == Win32 and an in-the-cloud HIDS/AV supplement mitigates the need for an IDS inspecting malware traffic.
Right now the focus is on the platform that is most plagued with the problem. I don't have numbers handy but I think that the issue is on the order of 5+ nines windows VS others. Also remember that Clam runs on most platforms and has the ability to create personalized protections against the personalized threats out there today. It is a strength it has brought to the table for a long time now. If you have ideas or things you would like to see on the roadmap feel free to share off list and I can pass it along.
I'll drive a nail with a wrench or rock when the hammer is 30 minutes away...
Me too. I'll drive a nail with anything I have if I need to but I'm not going to build a house with a rock and screws.
- -evilghost -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJNhWgDAAoJENgimYXu6xOHD34P/0EOrT0B2Orb0xje7XXIaYEm uB+PYUmxDiXysarfpO8G/08a5gxnUZSu1HClMFjy2p3UH++3C+N2LIbH31vz1UmE kfa7GeFYDLzykJpZpUtqNNIAdn7X3m8IHrNmqUR2BABN8XZHfD934pa5HFDtFaIJ 0w37w2fYiP8jcf0FUC2O+nbjIyor/QOYRHMcx4AQWAUHi8mCCj4O76yUJASSncip zZBZTMEvsiOv7UEKRmA+dJqP5OJDVVkVm8rCTCtXNK+xmNcIgWvnBK9R8ig+nwcO GEml4zc4BAaDW7NjqybOTk6EDu2RHH2licHzZ3byBcFgyx7jewGtcKHtZFo3zI/5 WxQqtgi/bhdlU3d7ejpvdlGwcQZIKL7XpbOJD3BTJIj4Vb+NjD5TeXvabXQTvePM m/jgUVObtdjb1nbtWuryB6Qe0TjuCQ/az7trGaZx6znChMB9VqadmmpGuoc1OYbR W7ccZElEeKX0AzRyqPtU0deDlTg1OV1bbREoV4x5+EHz7HZZKJROX4JrDmo5KKz5 wxz3tbpbcsUEnt3YR0kt9BsRZT8BKP0TH6E7gSM7VKal5OMNw7dLxkEtZLV9teW3 Ge8678vEp6npqvfoV2aAPCHlbFhbCEQYSbKPD6kulqRj9eiwVJ4Pl00sJ/V5BLSB XUOqg3WA9wrbV8aGtP9m =REmR -----END PGP SIGNATURE-----
------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?, (continued)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Message not available
- Message not available
- Message not available
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Holste (Mar 20)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Randal T. Rioux (Mar 20)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matt Olney (Mar 21)