Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sourcefire VRT Certified Snort Rules Update 2015-01-27

From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Thu, 29 Jan 2015 00:36:10 +0000


On Jan 28, 2015, at 7:25 PM, lists () packetmail net wrote:

On 01/28/2015 06:17 PM, Joel Esler (jesler) wrote:

We have a metric ton of examples that don’t contain the “SP”.


Not trying to pick fights or anything, but I've got a Imperial Ton that shows
the PCRE frags all Upatre campaigns seen thus far... just trying to help.  You
guys got the Mazilla/5.0 too right?

Toss the Upatre stuff in VRT COMMUNITY and I'll do my best to keep you guys
updated w/samples, 90 day regression testing, etc.



I never mind throwing stuff in community.  What do I need to throw in there?  We currently have 55 rules that cover 
Upatre, only 6 of those were community submissions.  (Including the Mazilla rule even)  If we receive some intel about 
a particular rule, we can move it into community.

Attachment: smime.p7s
Description: 

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: