Re: Snort-sigs Digest, Vol 15, Issue 17

[Muthukannan Palaniappan via Snort-sigs <snort-sigs () lists snort org>]

Okay got it. Following Cisco TAC support(Alejandro Arguello) instructed me to follow below steps and case number: 
685042213. Regarding new snort ID creation Cisco Tac support is the right point of contact?


Regards,
Muthu

From: Joel Esler (jesler) [mailto:jesler () cisco com]
Sent: Friday, August 17, 2018 11:42 PM
To: Muthukannan Palaniappan <muthukannan.p () happiestminds com>
Cc: snort-sigs () lists snort org
Subject: Re: [Snort-sigs] Snort-sigs Digest, Vol 15, Issue 17

Please provide me the name of the person handling your TAC request directly (off list) please.  You are a firepower 
customer, your appropriate place for requesting coverage is TAC.  
Snort.org<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2FSnort.org&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C06e2d9a4dd3842eacd1c08d6046cde78%7C7742820587ff4048a64591b337240228%7C0&sdata=uy5as581hkogo4NoeN4xKVkJpKZEFloe9WMqu%2B8M8GI%3D&reserved=0>
 is for Open Source Snort users.  This is a different purchase from your Firepower device.




On Aug 17, 2018, at 2:09 PM, Muthukannan Palaniappan <muthukannan.p () happiestminds com<mailto:muthukannan.p () 
happiestminds com>> wrote:

Hello,
I raise a case with Cisco Tac support they advised me to request 
Snort.org<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsnort.org%2F&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C06e2d9a4dd3842eacd1c08d6046cde78%7C7742820587ff4048a64591b337240228%7C0&sdata=vRu%2FC55wq4nk8u6otn9nXZG%2FNrxZ6yoxDJyn%2FpF%2B0dY%3D&reserved=0>
 directly for new snort ID updating.  Below mentioned recent ransomware variant are not update in the snort DB, please 
guide me who should I contact. Whether 
Snort.org<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsnort.org%2F&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C06e2d9a4dd3842eacd1c08d6046cde78%7C7742820587ff4048a64591b337240228%7C0&sdata=vRu%2FC55wq4nk8u6otn9nXZG%2FNrxZ6yoxDJyn%2FpF%2B0dY%3D&reserved=0>
 has any tac support.


Regards,
Muthu

From: Joel Esler (jesler) [mailto:jesler () cisco com]
Sent: Friday, August 17, 2018 11:33 PM
To: Muthukannan Palaniappan <muthukannan.p () happiestminds com<mailto:muthukannan.p () happiestminds com>>
Cc: snort-sigs () lists snort org<mailto:snort-sigs () lists snort org>
Subject: Re: [Snort-sigs] Snort-sigs Digest, Vol 15, Issue 17

Have you filed a support request?  Since you are a Firepower customer, the snort-sigs list is an inappropriate place to 
request coverage.  You have a support system available to you that allows for better tracking.

--
Joel Esler
Sr. Manager
Community, Branding, and Open Source
Talos Group
http://www.talosintelligence.com<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.talosintelligence.com&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C21e2388ab37947e71e8a08d6046bb7e9%7C7742820587ff4048a64591b337240228%7C0&sdata=wedqvi763%2B7whgZv%2BNxmDjfKD3ajJbzMj4tk0Vf%2BH5Y%3D&reserved=0>



On Aug 17, 2018, at 2:01 PM, Muthukannan Palaniappan <muthukannan.p () happiestminds com<mailto:muthukannan.p () 
happiestminds com>> wrote:

Hello Snort team,

I’m from PepBoys account and using Cisco firepower IPS, below mentioned recent ransomware variant is not added in the 
Snort DB. Please review below list and enhance the Snort DB as soon as possible. Once update done please let us know 
the concern Snort ID for below mentioned ransomware variant.

LIST OF RECENT RANSOMWARE VARIANT(NOT ADDED IN SNORT DATABASE):


  *   Zoldon Ransomware
  *   Spartacus Ransomware
  *   Paradise Ransomware Variant
  *   Revenge RAT
  *   DarkHydrus
  *   BitPaymer Ransomware
  *   Hermes Ransomware
  *   Shrug2 Ransomware
  *   Hermes Ransomware
  *   CMSTP.exe code execution

Regards,
Muthukannan Palaniappan


From: Joel Esler (jesler) [mailto:jesler () cisco com]
Sent: Friday, August 17, 2018 11:30 PM
To: Muthukannan Palaniappan <muthukannan.p () happiestminds com<mailto:muthukannan.p () happiestminds com>>
Cc: snort-sigs () lists snort org<mailto:snort-sigs () lists snort org>
Subject: Re: [Snort-sigs] Snort-sigs Digest, Vol 15, Issue 17

Update for what?




On Aug 17, 2018, at 1:53 PM, Muthukannan Palaniappan via Snort-sigs <snort-sigs () lists snort org<mailto:snort-sigs () 
lists snort org>> wrote:

Hello,

I check in 
snort.org<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsnort.org%2F&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C7dcf63f4f1e64eec1b8908d6046b369f%7C7742820587ff4048a64591b337240228%7C0&sdata=zN7EGeieQX%2BQiDDX4dEsLAd5GpXauwlgo%2BsNDA5%2BgQc%3D&reserved=0>
 but Snort DB is not updated. Please let me know when I will update.

________________________________
Happiest Minds Disclaimer
This message is for the sole use of the intended recipient(s) and may contain confidential, proprietary or legally 
privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the 
original intended recipient of the message, please contact the sender by reply email and destroy all copies of the 
original message.
Happiest Minds Technologies 
<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.happiestminds.com%2F&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C21e2388ab37947e71e8a08d6046bb7e9%7C7742820587ff4048a64591b337240228%7C0&sdata=vm%2FHfvLHpsl38yv5fRrxUKsWvbVG%2BfaQ6Ftan1GJWzo%3D&reserved=0>
________________________________

________________________________
Happiest Minds Disclaimer
This message is for the sole use of the intended recipient(s) and may contain confidential, proprietary or legally 
privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the 
original intended recipient of the message, please contact the sender by reply email and destroy all copies of the 
original message.
Happiest Minds 
Technologies<https://apac01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.happiestminds.com%2F&data=01%7C01%7Cmuthukannan.p%40happiestminds.com%7C06e2d9a4dd3842eacd1c08d6046cde78%7C7742820587ff4048a64591b337240228%7C0&sdata=iiTAMWWc2eekBb1eSC07f4jBm6mzD5ze%2F%2FaoE05Pse0%3D&reserved=0>

________________________________
Happiest Minds Disclaimer

This message is for the sole use of the intended recipient(s) and may contain confidential, proprietary or legally 
privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the 
original intended recipient of the message, please contact the sender by reply email and destroy all copies of the 
original message.

Happiest Minds Technologies <http://www.happiestminds.com>

________________________________

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!