Snort Signature Database.... Sort of

["James Ashton" <James () vortechhosting com>]

I, amoung many other people that I know, Are interested in keeping our snort instalations as relivant as possible. 
The most important single activity in this is to keep the signature base up to date. I think that the snort.org guys 
have done a realy wonderful job of releasing signatures frequently, But I would like to be able to keep more up to the 
minute with new exploits than they or any other group realy can. 

I run regular searches and often see people posting signatures on this and other lists but....   I thought it would be 
handy to have a single  "repository" of sorts. So with this in mind I set up phpBB (Yeah   I know) and am opening it up 
to everyone while I work on a better interface to put our signatures into I figured that this was easy and searchable.  

I would ask that yourpost titles be relevant to the signature... such as   

"Microsoft - SSLv3 sig - new"   or  

"Cisco IOS 12.1 buffer overflow attack  production"

This will make it easier down the road, If anyone actualy uses this,  and the signature base grows...    I am planning 
to keep this up no matter how big it gets.   So I am hoping that People will use it and make suggestions.

Link:   http://www.snort.gitflorida.com/phpBB2/

Well,   Anyone think this is a workable idea....  I am hoping it will help us all keep up to date.


James Ashton

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html