[Snort-users] snort rules...since whitehats.com is apparantly down still

fluid fluid at ...4580...
Tue Jan 15 21:48:02 EST 2002


up front, im sending this to the demarc-users group as well. trying to get
as much of these as possible. --

im looking for a set of rules to monitor just about anything i can think of
to monitor...trouble is, im pretty sure that someone out there will have a
lot of these already done...

i want better porn rules, multiplayer game detection, web site access rules,
p2p chat clients/p2p file sharing apps, etc...mainly to run on my home
machine, and study them to learn more and more about identifying things on
my own. for instance, i have written a rule to run on ghost recon servers
that identifies when a person connects, so you can tie their username back
to an ip address (since the monkeys at red storm didnt include a way to do
it).

anybody care to send their rules to fluid at ...4580... or to this list...or do
you know of a site that catalogs rules and makes them available to the
general public for download/use?

thanks.

--fluid






More information about the Snort-users mailing list