Snort mailing list archives
Re: Snort rules snapshot archive?
From: Miso Patel <miso.patel () gmail com>
Date: Tue, 24 Sep 2013 12:51:10 -0400
Joel, I'm thinking it could be SANS. I have talked with a number of SANS people a while back and they always tout IDS as a good research topic for their "gold" certification (or whatever it is called where you have to write a research paper, similar to graduate school but not accredited or a real school thesis). One of my engineers went to a SANS class a few years ago and came back all fired up about writing a paper on "iDS - Intrusion Detection for Mac Users" but I don't remember the details. That got shut down pretty quick. We don't allow Macs in our environment and they aren't really a target anyway like MS Windows is so we couldn't justify giving him the time to do it since we wouldn't reap any benefits from it. HTH. -Miso, CISO On Tue, Sep 24, 2013 at 12:07 PM, Joel Esler <jesler () sourcefire com> wrote:
On Sep 24, 2013, at 12:04 AM, <wkitty42 () windstream net> < wkitty42 () windstream net> wrote:On Monday, September 23, 2013 10:05 PM, yordanos beyene <yordanosb () gmail com> wrote:I am working on a reasearch paper to study Snort rules growth and itsimpact on performance.I appreciate if any one could help me download Snort rules snapshot forthe last 5 to 10 years.Is there any archive to access such rules?you are not the first to have asked about such in the last month ortwo... the answer then as now is that there is no such archive available... old version rules are removed from distribution when the old snort for them is EoL'd...it matters not what the purpose of the request is... it is simplyimpossible to fulfill… Which University gives this assignment out every year? Joel ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort rules snapshot archive? yordanos beyene (Sep 23)
- <Possible follow-ups>
- Re: Snort rules snapshot archive? wkitty42 (Sep 23)
- Re: Snort rules snapshot archive? yordanos beyene (Sep 23)
- Re: Snort rules snapshot archive? Joel Esler (Sep 24)
- Re: Snort rules snapshot archive? Miso Patel (Sep 24)
- Re: Snort rules snapshot archive? Jeffrey Stebelton (Sep 25)
- Re: Snort rules snapshot archive? wkitty42 (Sep 24)
- Re: Snort rules snapshot archive? JeeHyun Hwang (Sep 24)
- Re: Snort rules snapshot archive? yordanos beyene (Sep 24)
- Re: Snort rules snapshot archive? Joel Esler (Sep 24)