[Snort-users] Rules for Adware

Darden, Patrick S. darden at ...710...
Mon Feb 16 05:14:00 EST 2004


I've looked in the archives, and the rules directory, but haven't found an
Adware or Malware ruleset.  I'm talking about picking up traces of
keenvalue, 2020search, rcprograms, flowgo, etc.  I've been putting a ruleset
together that handles these, but I don't want to duplicate efforts.  If
someone already has a good/comprehensive ruleset that they don't mind making
public, I'm sure a lot of people would appreciate it.

If nobody has one, then I don't mind putting one together.  I already have
the above, and will continue to add to it as time goes by.  Send me your
rules for Adware/Malware and I will include them.  If you want a copy of my
ruleset, let me know--it's not very subtle, but it works.

--Patrick Darden
--darden at ...710...
--Unix/Firewall/Security




More information about the Snort-users mailing list