[Snort-users] URL to download VRT rules

Alejandro Cabrera Obed aco1967 at ...11827...
Fri Oct 29 15:55:43 EDT 2010


OK, just two questions:

1) Are ET ruleset suitable for Snort 2.9 ??? Because I can't see the
download link for this Snort version at http://rules.emergingthreats.net/

2) How can I download ET ruleset automatically similar to oinkmaster usage
(with cron)???

Thanks a lot



2010/10/28 Kevin Ross <kevross33 at ...14012...>

> I think you may also find use in the emergingthreats rules
> www.emergingthreats.net. Latest rulesets are here:
>
>
> http://rules.emergingthreats.net/open-nogpl/snort-2.8.4/emerging.rules.tar.gz
>
> I would recommend you upgrade though to at least snort 2.8.6.1 so you can
> make use of the improvements and http_modifiers.
>
> http://rules.emergingthreats.net/open/snort-2.8.6/emerging.rules.tar.gz
>
> In ET a lot of focus on malware command and control, malware, viruses and
> current things going on. A worthwhile ruleset to include to detect stuff
> within your network.
>
> Regards, Kevin
>
> On 28 October 2010 16:09, Alejandro Cabrera Obed <aco1967 at ...11827...>wrote:
>
>> Dear all, I've registered in snort.org to download the VRT rules....I
>> have Snort 2.8.5.3.
>>
>> I use oinkmaster to download the rules, but what is the new URL I have to
>> use:
>>
>>
>>    -
>>
>>
>>    This:
>>
>>    http://www.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz/< <http://www.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz/a9e009e98b55441d6aeb6983048178df82d721b9>oinkcode>
>>
>>
>>
>>
>> or this:
>>
>> http://www.snort.org/pub-bin/oinkmaster.cgi/<oinkcode>/snortrules-snapshot-2853.tar.gz
>>
>>
>>
>> Thanks a lot.
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Nokia and AT&T present the 2010 Calling All Innovators-North America
>> contest
>> Create new apps & games for the Nokia N8 for consumers in  U.S. and Canada
>> $10 million total in prizes - $4M cash, 500 devices, nearly $6M in
>> marketing
>> Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
>> http://p.sf.net/sfu/nokia-dev2dev
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20101029/0a48acfa/attachment.html>


More information about the Snort-users mailing list