[Snort-sigs] Rule Set Completness
gentoowally at ...2420...
Mon May 8 12:01:04 EDT 2006
I have trolled around on the forums at both snort.org and at
bleedingsnort.org and taken a look at ossrc.snort.org, but I'm still a
little fuzzy on the relationship (or lack there of) of the different
rule sets. Couple of questions...
1. Is the VRT set suppose to be a "complete" (for the lack of a better
word. Maybe adequate would be better?) rule set capable of independent
deployment. "Complete" meaning including rules for most known
2. Would a "complete" or "more complete" set include the combination
of VRT+Community+BleedingEdge Snort. If so...
3. Would the combination of VRT+Community+BleedingEdge result in a lot
of duplicate signatures?
More information about the Snort-sigs