[Snort-users] VRT Blog Post, blacklist.rules

Joel Esler jesler at ...1935...
Tue Feb 8 17:56:04 EST 2011


I just wanted to bring this blog post to everyone's attention (if you aren't a VRT blog subscriber...)

It details how we create the blacklist.rules file that is included in the VRT rules (now with blacklisted user-agents!) There was some discussion about a week ago about the blacklist, botnet-cnc, and phishing-spam rules, so Alex Kirk wrote up this great blog entry with some pointers to the raw data that we product out of the ClamAV Malware repository.

Check it out.

Joel Esler
jesler at ...1935...
http://blog.snort.org && http://blog.clamav.net

More information about the Snort-users mailing list