[Snort-sigs] Re: [Snort-users] ViruSNORT

Matt Jonkman matt at ...2436...
Sun Aug 1 12:00:07 EDT 2004


We checked the site and project out as well. We'd love to add a virus branch to bleeding snort. especially one with all the work already done. :)

Couldn't find anything to download though. If anyone gets contact with the original developer or has a copy of the rules please send then our way.

Matt

-----Original Message-----
   >From: "Charles Heselton"<charles.heselton at ...2420...>
   >Sent: 8/1/04 1:08:47 PM
   >To: "David Glosser"<david_glosser at ...144...>
   >Cc: "snort-users at lists.sourceforge.net"<snort-users at ...1306...et>, "snort-sigs at lists.sourceforge.net"<snort-sigs at lists.sourceforge.net>
   >Subject: [Snort-sigs] Re: [Snort-users] ViruSNORT
   >
   >----- Original Message -----
   >From: David Glosser <david_glosser at ...144...>
   >Date: Sun, 1 Aug 2004 08:39:55 -0400
   >Subject: [Snort-users] ViruSNORT
   >To: snort-users at lists.sourceforge.net, snort-sigs at lists.sourceforge.net
   >
   >
   >I was doing some googling on supplemental snort rules and found a
   >project I don't remember being mentioned on the snort-users or
   >snort-sigs lists called ViruSNORT, which is dedicated to detecting
   >worms, trojans, viruses, etc. Looks interesting, as either a separate
   >app or perhaps just to add the rules to a base snort install.
   > 
   >http://www.virusnort.resea?rch.kelsisiler.com/
   > 
   >However, the download page seems to down at present...  :(
   >
   >Cool.  Thanks.  I would think that there might be some interest in
   >this.  The "Bleeding-edge" rules now have an off-shoot called
   >bleeding-edge-malware, because of the number of malicious code
   >releases recently.
   >
   >
   >-- 
   >Charlie Heselton
   >Network Security Engineer
   >
   >
   >-------------------------------------------------------
   >This SF.Net email is sponsored by OSTG. Have you noticed the changes on
   >Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
   >one more big change to announce. We are now OSTG- Open Source Technology
   >Group. Come see the changes on the new OSTG site. www.ostg.com
   >_______________________________________________
   >Snort-sigs mailing list
   >Snort-sigs at lists.sourceforge.net
   >https://lists.sourceforge.net/lists/listinfo/snort-sigs
 




More information about the Snort-sigs mailing list