Snort mailing list archives
Re: CVE-2012-5076 and CVE-2012-1723 Rules
From: Joel Esler <jesler () sourcefire com>
Date: Mon, 26 Nov 2012 12:22:12 -0500
Thanks Will. That's probably why we don't catch it. :) I'll look into Sweet Orange. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Nov 26, 2012, at 12:19 PM, Will Metcalf <william.metcalf () gmail com> wrote:
Just to make something clear this is not BHEK. This is what Chirs Wakelin labeled Pamdql what we later found out was Sweet Orange EK. Not that anybody probably cares all that much :)... Regards, Will On Mon, Nov 26, 2012 at 9:28 AM, Joel Esler <jesler () sourcefire com> wrote:On Nov 26, 2012, at 10:21 AM, "lists () packetmail net" <lists () packetmail net> wrote: On 11/26/2012 09:14 AM, Joel Esler wrote: As far as the community ruleset, the tl;dr is yes. Excellent, thanks Joel, and thanks too for taking my E-Mail in the context it was intended -- Friendly open discussion around differences in both rule sets. I am very much looking forward to this getting completed and working with you again. Cooperation in the info sec community ensures the greater good will benefit. Having a well structured and working feedback loop from community input (rules, URL structures, PCAPs, etc) will certainly strengthen the ruleset in the same way it has on the ET side. So what we've been doing in the meantime is accepting any submissions that come in (some attributed via the blog, some don't want to be attributed which is fine) and putting them in after testing via our normal methods. When the community ruleset is rolled out, a metadata tag will be added to those rules that have been submitted by the community, and all those will be placed into their own ruleset for free-to-everyone download. Subscribers will not have to do anything. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- CVE-2012-5076 and CVE-2012-1723 Rules Snort Troubleshooting (Nov 25)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Joel Esler (Nov 25)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules lists () packetmail net (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Joel Esler (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules lists () packetmail net (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Joel Esler (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Will Metcalf (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Joel Esler (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules lists () packetmail net (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Joel Esler (Nov 25)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Y M (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Miso Patel (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Y M (Nov 26)
- Re: CVE-2012-5076 and CVE-2012-1723 Rules Joel Esler (Nov 26)