Snort mailing list archives

Re: DISA IPS Rule vs Snort Rule (UNCLASSIFIED)

From: "Joel Esler \(jesler\) via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 9 Jan 2019 16:32:13 +0000

I think what you mean to say is "DISA IPS Requirements".  Those aren't rules in the way that Snort users think about 
the word "rules".

That being said, I'd contact your Cisco sales rep or security engineer and have them work with you on this.   It's kind 
of outside the scope of this particular list.

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com

On Jan 7, 2019, at 3:33 PM, Saunders, George E CTR (US) via Snort-sigs <snort-sigs () lists snort org> wrote:

CLASSIFICATION: UNCLASSIFIED

Hello,

I am trying to find a comparison chart between Cisco FirePower IPS Snort Rules and DISA IPS rules.

Here is a link to the DISA IPS Rules.
https://vaulted.io/library/disa-stigs-srgs/intrusion_detection_and_prevention_systems_idps_security_requirements_guide?version=V2R4

I need to compare the DISA Vulnerability ID with Snort Rule ID.

I have found a few matches for example:
DISA Vulnerability ID  V-34788 matches Snort ID 404, 386, and 387.

Thanks
George


George Saunders (CTR)
Network Administrator
Fort Bragg Mission Training Complex
General Dynamics (GDIT)
910-908-5449
DSN 498-5449





CLASSIFICATION: UNCLASSIFIED
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Attachment: smime.p7s
Description:

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

Current thread:

DISA IPS Rule vs Snort Rule (UNCLASSIFIED) Saunders, George E CTR (US) via Snort-sigs (Jan 09)
- Re: DISA IPS Rule vs Snort Rule (UNCLASSIFIED) Joel Esler (jesler) via Snort-sigs (Jan 09)