Re: Arachnids references in snort 1.8 rules

[Brian Caswell <bmc () mitre org>]

John Berkers wrote:
> I was going through trying to use the snort.org ruleset instead of the
> vision rules, and searched for the alterations I used to make to the vision
> rules to customise for our network when I noticed that some of the arachnids
> references in the snort.org rules don't quite match.  One in particular was
> in relation to IDS171, there were a few others too, can't remember them off
> the top of my head right now.  These references were off by one number
> whenever I found them though.
>
> Any chance of getting this rectified?  Any help required, I'd be happy to
> supply more info, search through the entire rulebase etc, whatever's
> required.

Ask and you shall receive.  Maintaining a ruleset takes quite a bit of
time.  (Validating, developing, researching, cleaning, checking for
duplicates, wash, rinse, repeat)

I'm open for suggestions, criticism, opinions, and help.  Anything but
flaming is welcome.  Discussion of this should be moved to snort-sigs
though...

-- 
Brian Caswell
The MITRE Corporation

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users