Snort mailing list archives
Re: Question - snort v2.9.6.0 rules
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Tue, 4 Mar 2014 17:47:23 +0000
Within the rules we use a variety of references that you may look at to tell which vulnerabilities the rules cover, and from what year. I encourage you to download the registered ruleset and grep through for “CVE” numbers, etc. -- Joel Esler | Threat Intelligence Team Lead | Open Source Manager | Vulnerability Research Team On Mar 4, 2014, at 12:07 PM, Eray Balkanli <Eray.Balkanli () Dal Ca> wrote:
Hi, I am a graduate Computer Science student at Dalhousie University. I have been working on some network records by using the rules included in Snort v2.9.6.0. I have a question related to those rules; I will be grateful if you reply. May I ask that for how many recent years the defined rules are based on? I mean, from which year the attack signatures of malicious packets have been regarded? Thank you very much in advance! Best regars, Eray ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Question - snort v2.9.6.0 rules Eray Balkanli (Mar 04)
- Re: Question - snort v2.9.6.0 rules Joel Esler (jesler) (Mar 04)
- Message not available
- YNT: Question - snort v2.9.6.0 rules Eray Balkanli (Mar 07)
- İLT: Question - snort v2.9.6.0 rules Eray Balkanli (Mar 09)
- Re: İLT: Question - snort v2.9.6.0 rules Joel Esler (jesler) (Mar 10)
- Message not available
- Re: Question - snort v2.9.6.0 rules Joel Esler (jesler) (Mar 04)