Snort mailing list archives

RE: Signature names

From: "Redman, Ken" <ken.redman () mssm edu>
Date: Wed, 24 Apr 2002 12:02:49 -0400

Mike,
I think this might be what your looking for.
http://cve.mitre.org/

-                      Ken
-                      
-                     ----Original Message-----
From: Mike Macias [mailto:mike.macias () caci-nsg com]
Sent: Tuesday, April 23, 2002 9:01 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Signature names

Is there any work being done to shorten/standardize snort sig names?
The current sig names are unwieldy and they make programming tools(command line) for analysis difficult.
I'm currently making tools that will, among other things, allow you to query a db looking for matching sig names:

snort_tool -s <sig_name>

However, when it comes to some of the snort sig names:

snort_tool -s "WEB-MISC technote main.cgi file directory traversal attempt"

I can imagine an analyst pulling his/her hair out typing this in.

Thanks,
Mike

Current thread:

Signature names Mike Macias (Apr 23)
- Re: Signature names Andrew R. Baker (Apr 23)
- <Possible follow-ups>
- RE: Signature names Redman, Ken (Apr 24)