Home page logo
/

snort logo Snort mailing list archives

Re: web-??.rules are empty
From: Y M <snort () outlook com>
Date: Thu, 16 May 2013 13:09:31 +0000

My understanding is that rules in the web-iis.rules have been recategorized as server-iis.rules. Check out:
 
http://blog.snort.org/2012/10/rule-category-reorganization-phase-3.html
 
Also it is my understanding that the web-iis.rules file is still there to ensure backward compatibility with older 
versions of Snort that are/were deployed.
 
Thanks.
 
Date: Thu, 16 May 2013 13:01:00 +0000
From: carlopmart () gmail com
To: snort-users () lists sourceforge net
Subject: [Snort-users] web-??.rules are empty

Hi all,

 Downloading rules 5 minutes ago, some rules files appears empty:

-rw-r--r--  1 1210  1210   999 Apr 15 19:33 web-activex.rules
-rw-r--r--  1 1210  1210  1390 Apr 15 19:33 web-attacks.rules
-rw-r--r--  1 1210  1210  1520 Apr 15 19:33 web-cgi.rules
-rw-r--r--  1 1210  1210  1113 Apr 15 19:33 web-client.rules
-rw-r--r--  1 1210  1210  1008 Apr 15 19:33 web-coldfusion.rules
-rw-r--r--  1 1210  1210  1006 Apr 15 19:33 web-frontpage.rules
-rw-r--r--  1 1210  1210   998 Apr 15 19:33 web-iis.rules
-rw-r--r--  1 1210  1210  3838 Apr 15 19:33 web-misc.rules
-rw-r--r--  1 1210  1210  1002 Apr 15 19:33 web-php.rules

more web-iis.rules
# Copyright 2001-2012 Sourcefire Inc. All Rights Reserved.
#
# This file may contain proprietary rules that were created, tested and
# certified by Sourcefire, Inc. (the "VRT Certified Rules") as well as
# rules that were created by Sourcefire and other third parties and
# distributed under the GNU General Public License (the "GPL Rules").  The
# VRT Certified Rules contained in this file are the property of
# Sourcefire, Inc. Copyright 2012 Sourcefire, Inc. All Rights Reserved.
# The GPL Rules created by Sourcefire, Inc. are the property of
# Sourcefire, Inc. Copyright 2002-2012 Sourcefire, Inc. All Rights
# Reserved.  All other GPL Rules are owned and copyrighted by their
# respective owners (please see www.snort.org/contributors for a list of
# owners and their respective copyrights).  In order to determine what
# rules are VRT Certified Rules or GPL Rules, please refer to the VRT
# Certified Rules License Agreement.
#
#---------------
# WEB-IIS RULES
#---------------

....

------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
                                          
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault