[Snort-sigs] [Snort-users] VRT Rule Search is Back on Snort.org

Alex Kirk akirk at ...435...
Wed Nov 4 12:39:06 EST 2009


If you have false positive, send it in to research at ...3053... The VRT
monitors that list and will respond to submissions there.

On Wed, Nov 4, 2009 at 12:29 PM, Jefferson, Shawn <
Shawn.Jefferson at ...3402...> wrote:

>  Can you provide a mechanism for us to submit false positive information
> via this interface somehow?
>
>
>  ------------------------------
>
> *From:* Mike Guiterman [mailto:mguiterman at ...435...]
> *Sent:* Wednesday, November 04, 2009 9:15 AM
> *To:* Snort Users List; snort-sigs at lists.sourceforge.net
> *Subject:* [Snort-users] VRT Rule Search is Back on Snort.org
>
>
>
> Hi everyone,
>
> The updated VRT Rule Search feature is now live on Snort.org.  Check it out
> at: http://snort.org/search.
>
> Full text search supports the following:
>
>    - Single keyword or SID search (ex – ‘windows’, ‘mysql’, ‘linux’)
>    - Multiple keyword search (ex – ‘windows 2000’, ‘mysql 4.10’)
>    - Multiple keyword search with terms joined by the AND, OR, and NOTboolean operators (ex – ‘windows
>    AND 2000 NOT xp’)
>
> You can also search by rule fields to narrow your search results.  The
> available fields are:
>
>    - keyword
>    - cve
>    - bugtraq
>    - sid
>
> See the search instructions at: http://snort.org/rule-search-instructionsfor more information on using the enhanced search capabilities.
>
> For those of you using BASE, keep an eye out for an upcoming release.
> Kevin and the BASE team will be updating the direct links back to Snort.org
> for rules documentation.
>
> Finally, the next enhancement will be to add the ability to search by
> Microsoft advisory number.  We'll make an announcement when that feature is
> enabled.
>
> We'd love your feedback,  please email any comments or enhancement requests
> to snort-site at ...3053...  Our web developers monitor this list.
>
> Have a great day!
>
> Mike
>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>



-- 
Alex Kirk
AEGIS Program Lead
Sourcefire Vulnerability Research Team
+1-410-423-1937
alex.kirk at ...435...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20091104/8d11a337/attachment.html>


More information about the Snort-sigs mailing list