Snort mailing list archives
Bases for writting snort rules
From: Guy Martial Nkenne Tchassi <nkennetguy () gmail com>
Date: Thu, 16 May 2013 13:34:15 +0100
Hi everyone, I am wondering, what are the bases on wich the rules we download from snort's website are written. Specifically, i want to know if there is a sort of list describing the content of suspicious paquets in the network or a sort of database of detected intrusions wich is updated regulary. To be clearer, i will take the example of antiviruses. Most of them(if not all) have a viral database on wich they relay in order to determine threats on the systems on wich they are installed. Then for each treat, there is a sort of predefined set of actions that can be undertaken to eliminate the threats. I dont know if i've been understood. Please help me with these worries i have. Thanks.
------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Bases for writting snort rules Guy Martial Nkenne Tchassi (May 16)
- Re: Bases for writting snort rules lists () packetmail net (May 16)
- Re: Bases for writting snort rules Guy Martial Nkenne Tchassi (Jun 04)
- Re: Bases for writting snort rules Joel Esler (Jun 04)
- Re: Bases for writting snort rules Guy Martial Nkenne Tchassi (Jun 06)
- Re: Bases for writting snort rules Guy Martial Nkenne Tchassi (Jun 04)
- Re: Bases for writting snort rules lists () packetmail net (May 16)