[Snort-users] [Snort-sigs] VRT Rule Search is Back on Snort.org

Nigel Houghton nhoughton at ...1935...
Wed Nov 4 13:41:19 EST 2009


On Wed, Nov 4, 2009 at 12:39 PM, Alex Kirk <akirk at ...1935...> wrote:
> If you have false positive, send it in to research at ...3990... The VRT
> monitors that list and will respond to submissions there.
>
> On Wed, Nov 4, 2009 at 12:29 PM, Jefferson, Shawn
> <Shawn.Jefferson at ...14448...> wrote:
>>
>> Can you provide a mechanism for us to submit false positive information
>> via this interface somehow?
>>
>>
>>
>> ________________________________
>>
>> From: Mike Guiterman [mailto:mguiterman at ...1935...]
>> Sent: Wednesday, November 04, 2009 9:15 AM
>> To: Snort Users List; snort-sigs at lists.sourceforge.net
>> Subject: [Snort-users] VRT Rule Search is Back on Snort.org
>>
>>
>>
>> Hi everyone,
>>
>> The updated VRT Rule Search feature is now live on Snort.org.  Check it
>> out at: http://snort.org/search.
>>
>> Full text search supports the following:
>>
>> Single keyword or SID search (ex – ‘windows’, ‘mysql’, ‘linux’)
>> Multiple keyword search (ex – ‘windows 2000’, ‘mysql 4.10’)
>> Multiple keyword search with terms joined by the AND, OR, and NOT boolean
>> operators (ex – ‘windows AND 2000 NOT xp’)
>>
>> You can also search by rule fields to narrow your search results.  The
>> available fields are:
>>
>> keyword
>> cve
>> bugtraq
>> sid
>>
>> See the search instructions at: http://snort.org/rule-search-instructions
>> for more information on using the enhanced search capabilities.
>>
>> For those of you using BASE, keep an eye out for an upcoming release.
>> Kevin and the BASE team will be updating the direct links back to Snort.org
>> for rules documentation.
>>
>> Finally, the next enhancement will be to add the ability to search by
>> Microsoft advisory number.  We'll make an announcement when that feature is
>> enabled.
>>
>> We'd love your feedback,  please email any comments or enhancement
>> requests to snort-site at ...3990...  Our web developers monitor this
>> list.
>>
>> Have a great day!
>>
>> Mike
>>
>>
>> ------------------------------------------------------------------------------
>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
>> 30-Day
>> trial. Simplify your report design, integration and deployment - and focus
>> on
>> what you do best, core application coding. Discover what's new with
>> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
> --
> Alex Kirk
> AEGIS Program Lead
> Sourcefire Vulnerability Research Team
> +1-410-423-1937
> alex.kirk at ...1935...
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>


BEFORE submitting any false positive reports, read this page:

http://www.snort.org/snort-rules/submit-a-false-positive

The correct email address and the information required is listed on that page.

-- 
Nigel Houghton
Head Mentalist
SF VRT
http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs





More information about the Snort-users mailing list