[Snort-sigs] Yahoo, Hotmail, and unauth sigs

Nigel Houghton nigel at ...435...
Fri May 28 09:22:18 EDT 2004

On  0, Nigel Houghton <nigel at ...435...> allegedly wrote:
> One more nitpicky thing, it's always nice if things are laid out
> consistently, like each rule ending with sid:123; rev:1; but that's just
> me probably :)

I forgot to mention that it might also be useful to use BLEEDING-EDGE in
the msg part for each of your rules in the bleeding.rules file, just to
keep things in line with the rule sets from snort.org.

Nigel Houghton       Research Engineer        Sourcefire Inc.
                 Vulnerability Research Team

In an emergency situation involving two or more officers of equal rank,
seniority will be granted to whichever officer can program a vcr.

More information about the Snort-sigs mailing list