[Snort-users] Snort Rules/VRT Enhancement?
JHally at ...5637...
Wed Aug 9 09:46:22 EDT 2006
What ever happened to the actual snort signatures being included in the
snort signature database? I know I've brought this up before, and I think
the consensus was that they weren't put in there as it may disclose the VRT
rules to non-subscribers, but I don't think I ever saw a reply from the
Snort team. For me, this is the single most missing feature from the
database. The information is excellent, but I always find myself going back
to whatever sig mgmt tool I have and search through the sigs to validate
alerts. This is sometimes the most time consuming part of the forensics.
Snort Team - Does the VRT subscription have this functionality? If it
doesn't it would be a great enhancement IMHO. I think that would drive me
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users