Re: Reliability of signatures

[Joel Esler <jesler () sourcefire com>]

On Fri, Feb 4, 2011 at 10:23 AM, Martin Roesch <roesch () sourcefire com>wrote:

> On Fri, Feb 4, 2011 at 10:16 AM, Jim Hranicky <jfh () ufl edu> wrote:
> > On Fri, 4 Feb 2011 09:13:12 -0600
> > Martin Holste <mcholste () gmail com> wrote:
> >
> > > > Seems like there'd almost need to be a central place that various
> > > > entities could report their findings. I know we've got rules that we
> > > > rely on heavily and work very well for us, but other than mailing
> lists
> > > > there's no place to report our findings.
> > >
> > > Hm, you mean like a vote up/down system like StackOverflow.com?  That
> > > could be really interesting.  It would be very valuable to see what
> > > others are finding to be helpful.
> >
> > Sure, something like that - that would actually be very cool.
>
> I like that idea too.  It'd make a lot of sense to integrate it into
> snort.org - in fact there's probably a lot of data about Snort
> detection performance, config options and rule quality we could put up
> there.  Communication favors the defender...
I would think it would need to have some kind of automatic reporting method,
perhaps with manual commenting?

J
-- 
Joel Esler | 706-231-1451 | http://blog.snort.org | http://blog.clamav.net

------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world? 
http://p.sf.net/sfu/oracle-sfdevnlfb

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users