Re: Snort sigs for BlackEnergy v3 / lite

[waldo kitty <wkitty42 () windstream net>]

On 10/10/2014 9:23 AM, David Bryant wrote:
> Are there any signatures to detect the newer variants of BlackEnergy
> (i.e. v3 / lite) or any being written other than from Emerging Threats?
> I did not see any from Sourcefire VRT, but thought I'd ask in case I
> missed them or they are under a different name.

please don't hijack an existing thread for a new topic... many who might be able 
to help might have that thread blocked and would miss your post... you should 
post your topic as a new message to get the widest viewing...

https://github.com/vrtadmin/snort-faq/blob/master/Lists/What-is-the-mailing-list-nettiquete.md

i can't help with your question... maybe others can if/when they find your new 
topic...

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!