[Snort-sigs] RE: Signature Database
bking at ...2422...
Tue Apr 27 06:08:06 EDT 2004
While I definitely agree that it is important to maintain current
signatures, I am concerned about splintering our focus or duplicating
effort. Why couldn't a "submit signature" form exist on snort.org? Also,
QA is very important. If the signatures give false negatives or are easily
averted, then they are worse than nothing because folks might get a false
sense of security (not that Snort is the end all of security, of course).
Snort.org already is already known to many bright minds in our industry who
can vet signatures for quality and seems like the logical place to realize
your good idea.
More information about the Snort-sigs