Snort mailing list archives
Re: NTP rule?
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Tue, 23 Dec 2014 23:28:29 +0000
Following up — The rule was just published: http://blog.snort.org/2014/12/snort-subscriber-rule-set-update-for_17.html <http://blog.snort.org/2014/12/snort-subscriber-rule-set-update-for_17.html>
On Dec 23, 2014, at 1:44 PM, Joel Esler (jesler) <jesler () cisco com> wrote: Only one of the rules is coverable from a network point of view, and the detection is very plain. We are currently testing and if possible tweaking detection. -- Joel Esler Open Source Manager Threat Intelligence Team Lead TalosOn Dec 23, 2014, at 9:57 AM, John York <YorkJ () brcc edu <mailto:YorkJ () brcc edu>> wrote: Are there rules yet for CVE-2014-9293 thru CVE-2014-9296? Thanks John ------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net <http://goparallel.sourceforge.net/> _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net <mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Attachment:
smime.p7s
Description:
------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- NTP rule? John York (Dec 23)
- Re: NTP rule? Joel Esler (jesler) (Dec 23)
- Re: NTP rule? Joel Esler (jesler) (Dec 23)
- Re: NTP rule? Joel Esler (jesler) (Dec 23)