Home page logo
/

snort logo Snort mailing list archives

Bases for writting snort rules
From: Guy Martial Nkenne Tchassi <nkennetguy () gmail com>
Date: Thu, 16 May 2013 13:34:15 +0100

Hi everyone,

I am wondering, what are the bases on wich the rules we download from
snort's website are written. Specifically, i want to know if there is a
sort of list describing the content of suspicious paquets in the network or
a sort of database of detected intrusions wich is updated regulary.
To be clearer, i will take the example of antiviruses. Most of them(if not
all) have a viral database on wich they relay in order to determine threats
on the systems on wich  they are installed. Then for each treat, there is a
sort of predefined set of actions that can be undertaken to eliminate the
threats.
I dont know if i've been understood. Please help me with these worries i
have.

Thanks.
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]