Snort mailing list archives

rules set


From: "Don" <Don () WeberOnTheWeb com>
Date: Mon, 25 Nov 2002 13:30:50 -0800

Is there anywhere that has a rules set specifically tuned to O/S or target
criteria? For instance, if I have ONLY Windows and SQL, I don't need to load
the other 14000 rules that look for other types of attacks, and on another
network I'd only need *nix type of attacks. Has anyone possibly come up with
a ruleset based on this idea? It could help reduce the workload on the
sensors if there were something like this around. Heck, I'd be happy even
with each of the rules having the targeted O/S identified in the rule. But
some rules I just do not recognize, so I am not sure whether or not I might
need them.
An idea would be a ruleset for 'windows', a ruleset for SQL, one for IIS,
etc... These could each be used as a primary ruleset. Then the remaining
rules could be add-ons or something.

Don


