[Snort-users] Which rules to use for snort ?
mkettler at ...4108...
Mon Jun 3 13:01:01 EDT 2002
If you go to the whitehats site you will notice that while it is up and
running, it has not changed in content since November of 2001. Until they
start updating and running normally again I would suggest that you consider
the vision rulesets to be OBSOLETE and present available as an archive for
reference purposes only. ie: their vulnerability database may not be up to
date, but their vulnerability descriptions are still an excellent resource
to refer to.
(note: it may be a while before they start running normally with regular
updates again. I don't know the details, but based on what little I know I
would be a surprised to see it up and running normally again this year. Not
to say it can't happen, and I really hope that they get going soon as it's
a great site, but based on my somewhat uninformed opinions of the situation
I would be surprised.)
At 03:20 PM 6/2/2002 -0400, Ronald Nutter wrote:
>I have recently started using Snort and am now a little confused. I know
>about the rules for Snort that are on the Snort web site. I have also come
>across rules for Snort on Whitehats.com. Which should I use ? Is it
>possible to use both ?
>Don't miss the 2002 Sprint PCS Application Developer's Conference
>August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>Snort-users list archive:
More information about the Snort-users