[Snort-users] Brief Description of Rule Sets

Enrico enrico.papi at ...7615...
Tue Nov 22 12:23:22 EST 2011


yes, we would like an updated description on the rule categories too!
moreover it would be nice to include the default number of active rules for each category,
to avoid that one enables a rule set and then finds out that all the SID are commented out....

On 11/18/2011 04:35 PM, Joel Esler wrote:
> Description of what our categories mean?
>
> Sent from my iPhone
>
> On Nov 18, 2011, at 10:26 AM, Bill Pickens<wmpickens at ...11827...>  wrote:
>
>> I have an old Snort and IDS tools book  published in 2004 that has a chapter with a brief description of the rules sets.
>>
>> Does anyone know where I can find a updated list. Is one kept?
>> It will save some time on training I must do.
>>
>> Thanks
>>
>>
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure
>> contains a definitive record of customers, application performance,
>> security threats, fraudulent activity, and more. Splunk takes this
>> data and makes sense of it. IT sense. And common sense.
>> http://p.sf.net/sfu/splunk-novd2d
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure
> contains a definitive record of customers, application performance,
> security threats, fraudulent activity, and more. Splunk takes this
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>




More information about the Snort-users mailing list