[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2012-10-23

Research research at ...435...
Tue Oct 23 17:19:04 EDT 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
This release introduces the following new rule categories.

  * browser-plugins
  * indicator-shellcode
  * os-linux
  * os-solaris
  * os-windows
  * os-other
  * policy-spam
  * protocol-finger
  * protocol-ftp
  * protocol-icmp
  * protocol-imap
  * protocol-pop
  * protocol-services
  * protocol-voip
  * pua-adware
  * pua-other
  * server-apache
  * server-iis
  * server-mssql
  * server-mysql
  * server-oracle
  * server-other
  * server-webapp

Also, the Sourcefire VRT has added and modified multiple rules in the
blacklist, browser-ie, browser-other, ddos, dns, dos, exploit,
exploit-kit, file-flash, file-identify, file-multimedia, file-office,
indicator-compromise, indicator-shellcode, malware-cnc, malware-other,
os-linux, os-windows, protocol-finger, protocol-ftp, protocol-icmp,
protocol-imap, protocol-pop, protocol-services, protocol-voip, scada,
specific-threats and web-misc rule sets to provide coverage for
emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2012-10-23.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFQhwddaBoqZBVJfwMRAo+pAJ9CNyfShV7mEA2A3a1fa5e303GCSgCcCUxd
HpXCB84lOW4+NbbgsCFxKhk=
=uSC6
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list