Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Sourcefire VRT Certified Snort Rules Update 2011-11-02

From: Research <research () sourcefire com>
Date: Wed, 2 Nov 2011 14:52:51 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
The Sourcefire VRT has added and modified multiple rules in the
backdoor, blacklist, chat, deleted, dos, exploit, file-identify, ftp,
misc, multimedia, policy, specific-threats, spyware-put, web-activex
and web-misc rule sets to provide coverage for emerging threats from
these technologies.

This release introduces the file-identify.rules category. The purpose
of this category is to standardize the structure of rules that set a
flowbit used to identify file downloading activities.  A new port
variable, FILE_DATA_PORTS, accompanies this category and contains a
ports list used by these rules to identify the download of file types.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2011-11-02.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFOsZGDaBoqZBVJfwMRAqX4AJ4jchfS5BpF8ZjUB4wUPcioOGSZCwCeMycW
xi+YlYRXmUQ3E1dO82lUll8=
=V3vo
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: