Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-sigs] OSSRC Rules Overlap Committee

from [Blake Hartstein] Network Security [Permanent Link]
Subject: Re: [Snort-sigs] OSSRC Rules Overlap Committee
Date: Tue, 31 Jan 2006 17:18:42 -0800
Dear Current or Future Committee Members,
As a possible solution to this problem, I think it would be reasonable to allow a 'vendor' keyword in the sid keyword. Take the following as an example,
FORMAT sid:vendor,value;

sid:vrt,1234;
sid:bleeding,1234;

Of course the default options could still be allowed, but this would certainly solve the problems of allowing multiple people to independently manage their own sids.
sid:1234;

Then once that is done, we would just need to create the 'Vendor Naming Committee'...
What do you think?

-Blake




Jennifer Steffens wrote:

The Open Source Snort Rules Consortium (OSSRC) is seeking several qualified individuals to head up our first committee. This committee will be chartered with defining a method to identify and either prevent or help users understand the overlap and differences between similar rules in the open source Snort rulesets.

These individuals should have better than average understanding of Snort
rules. The most likely candidates will be those that work in the
industry and with Snort on a regular basis.

We anticipate this role will take a number of hours commitment up front
to define the process and method, but long term will likely not be a
significant load.

Please email ossrc@snort.org with questions or to be considered for this committee.

Cheers,
Jennifer




--
This email and any files transmitted with it are solely intended for the use of 
the addressee(s) and may contain information that is confidential and 
privileged.  If you receive this email in error, please advise us by return 
email immediately. Please also disregard the contents of the email, delete it 
and destroy any copies immediately.  Demarc Security, Inc. does not accept 
liability for the views expressed in the email or for the consequences of any 
computer viruses that may be transmitted with this email.

This email is also subject to copyright. No part of it should be reproduced, 
adapted or transmitted without the written consent of the copyright owner.



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] new rule for detect ZeroDay winamp PlayList, rmkml
Next by Date:  Re: [Snort-sigs] OSSRC Rules Overlap Committee, Jeff Kell
Previous by Thread:  [Snort-sigs] OSSRC Rules Overlap Committee, Jennifer Steffens
Next by Thread:  Re: [Snort-sigs] OSSRC Rules Overlap Committee, Jeff Kell
Indexes:  [Date] [Thread] [Top] [All Lists]