Re: CVE vs VRT Rules

[Joel Esler <jesler () sourcefire com>]

We place the CVE for each rule it's applicable to in the rule itself.  Searching the Rules section of the Sourcefire 
GUI or a simple grep through the Open ruleset will tell you which rules for which CVEs there are.

If there are CVEs which we do not have coverage for, we can certainly try and develop coverage for it.  There are many 
factors to rule creation, but more than likely we'll be able to create coverage for it.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire

On Jun 24, 2013, at 9:05 PM, "Bandekar, Ravi" <Ravi.Bandekar () team telstra com> wrote:

> Hi
>  
> I would like to know how we are able to check if specific CVEs have been added to the VRT rules.
>  
> Thanks.
>  
> Kind Regards
>  
> Ravi Bandekar
> Security Technology Operations 
> Security Operations, Telstra Operations
> <image001.png>
>  
>  
>  
>  
>  
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Windows:
>
> Build for Windows Store.
>
> http://p.sf.net/sfu/windows-dev2dev_______________________________________________
> Snort-sigs mailing list
> Snort-sigs () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
> http://www.snort.org
>
>
> Please visit http://blog.snort.org for the latest news about Snort!

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!