Snort mailing list archives
Rules for Adware
From: "Darden, Patrick S." <darden () armc org>
Date: Mon, 16 Feb 2004 08:09:20 -0500
I've looked in the archives, and the rules directory, but haven't found an Adware or Malware ruleset. I'm talking about picking up traces of keenvalue, 2020search, rcprograms, flowgo, etc. I've been putting a ruleset together that handles these, but I don't want to duplicate efforts. If someone already has a good/comprehensive ruleset that they don't mind making public, I'm sure a lot of people would appreciate it. If nobody has one, then I don't mind putting one together. I already have the above, and will continue to add to it as time goes by. Send me your rules for Adware/Malware and I will include them. If you want a copy of my ruleset, let me know--it's not very subtle, but it works. --Patrick Darden --darden () armc org --Unix/Firewall/Security ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rules for Adware Darden, Patrick S. (Feb 16)