[Snort-users] Replicating the Bleeding Rulesets

Matt Jonkman jonkman at ...4024...
Wed Dec 26 11:01:37 EST 2007

In light of the unavailability and repeated outages of the old Bleeding
Threats site we're going to replicate that ruleset on the Emerging
Threats website. More info on the site: http://www.emergingthreats.net
 (we've just moved DNS, so you may have an old IP for a few more
minutes, refresh later if you get a placeholder page)

As most of you know I've moved over to Emerging Threats. We've been very
generously grant funded by the Army Research Office and the National
Science Foundation in order to explore some new technologies and enhance
the intelligence gathering and signature producing capabilities of the
open community. We're still ramping up the backend and building a
website. We'll be producing data within days!

As is explained on the site the intention in replicating is not to split
the ruleset, split the community, fork it, compete, whatever. What we do
intend to do is keep it available and get it back to it's previous rate
of updates and new sigs. Plain maintenance just isn't good enough for
this field.

Emerging threats is all about new intel gathering, higher quality rules,
many different output forms and languages, and more realtime blocking
focuses. The backend to make that possible is being built as we speak,
and will start producing very soon. We're very excited about the future
output, and our close partnership with cyber-ta is going to get us off
to a light-speed start!

More as it develops of course, but you can download the current bleeding
ruleset from us, and future updates as well.

Matthew Jonkman
Emerging Threats
US Phone 765-429-0398
US Fax 312-264-0205
AUS Phone 61-42-4157-491
AUS Fax 61-29-4750-026

PGP: http://www.jonkmans.com/mattjonkman.asc

More information about the Snort-users mailing list