[Snort-sigs] Please fix or disable emerging-tor.rules

Joel Esler (jesler) jesler at cisco.com
Tue Jul 31 10:29:16 EDT 2018


Bernhard,

We do not manage the emerging threats ruleset.  Snort-sigs is the mailing list for the official Snort ruleset.  Emerging Threats is managed by a third party.

--
Joel Esler
Manager, Community, Branding, and Open Source
Cisco Talos Intelligence Group

> On Jul 31, 2018, at 3:41 AM, Bernhard M. Wiedemann <bernhardout at lsmod.de> wrote:
> 
> Signed PGP part
> Hi,
> 
> I encountered severe false positives with the
> https://rules.emergingthreats.net/blockrules/emerging-tor.rules
> as described in
> https://lists.emergingthreats.net/pipermail/emerging-sigs/2018-July/028863.html
> 
> unfortunately nobody seemed to fix it yet, so I'd kindly ask snort to
> disable use of these broken rules (e.g. in VRT Community) until they are
> fixed.
> This will help to improve the life of innocent pool.ntp.org contributors
> and tor router operators.
> 
> 
> Ciao
> Bernhard M. Wiedemann
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20180731/43182545/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20180731/43182545/attachment.sig>


More information about the Snort-sigs mailing list