[Snort-users] Team0x42 Snort rules

Matt Jonkman jonkman at ...4024...
Mon Apr 7 23:31:58 EDT 2008

I second that, keep at it. If you're looking for a place where you can 
participate without being berated, submit to the emerging-sigs list. 
This is why we exist.  emergingthreats.net

And submit the sigs themselves, rather than links to a tarball. More 
eyeballs will see them that way.


Paul Melson wrote:
>> Some good snort rules by Team0x42
>> Shellcode detection, Web attack detection, DoS detection and web-misc
> rules You can download the rule set from: 
>> http://team0x42.homeunix.org/projects.html
> I mean, good for you for learning to write Snort rules and then sharing that
> back with the community.  Keep it up.  But honestly, I wouldn't actually run
> this rule set.  If you're interested in hearing my reasons why, I'm happy to
> share them with the intent that you may learn to write better rules.
> PaulM (Revere)
> PS - BMC's got his own room at the back of the bus.
> -------------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
> Register now and save $200. Hurry, offer ends at 11:59 p.m., 
> Monday, April 7! Use priority code J8TLD2. 
> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205

PGP: http://www.jonkmans.com/mattjonkman.asc

More information about the Snort-users mailing list