[Snort-sigs] Bases for writing snort rules
Guy Martial Nkenne Tchassi
nkennetguy at ...2420...
Thu May 16 08:34:15 EDT 2013
I am wondering, what are the bases on which the rules we download from
Snort's website are written. Specifically, I want to know if there is a
sort of list describing the content of suspicious packets in the network or
a sort of database of detected intrusions which is updated regularly.
To be clearer, I will take the example of antiviruses. Most of them (if not
all) have a viral database on which they rely in order to determine threats
on the systems on which they are installed. Then for each threat, there is a
sort of predefined set of actions that can be undertaken to eliminate the
I don't know if I've been understood. Please help me with these worries I