Re: VRT Rule Search is Back on Snort.org

[Alex Kirk <akirk () sourcefire com>]

If you have false positive, send it in to research () sourcefire com. The VRT
monitors that list and will respond to submissions there.

On Wed, Nov 4, 2009 at 12:29 PM, Jefferson, Shawn <
Shawn.Jefferson () bcferries com> wrote:

>  Can you provide a mechanism for us to submit false positive information
> via this interface somehow?
>
>
>  ------------------------------
>
> *From:* Mike Guiterman [mailto:mguiterman () sourcefire com]
> *Sent:* Wednesday, November 04, 2009 9:15 AM
> *To:* Snort Users List; snort-sigs () lists sourceforge net
> *Subject:* [Snort-users] VRT Rule Search is Back on Snort.org
>
>
>
> Hi everyone,
>
> The updated VRT Rule Search feature is now live on Snort.org.  Check it out
> at: http://snort.org/search.
>
> Full text search supports the following:
>
>    - Single keyword or SID search (ex – ‘windows’, ‘mysql’, ‘linux’)
>    - Multiple keyword search (ex – ‘windows 2000’, ‘mysql 4.10’)
>    - Multiple keyword search with terms joined by the AND, OR, and NOTboolean operators (ex – ‘windows
>    AND 2000 NOT xp’)
>
> You can also search by rule fields to narrow your search results.  The
> available fields are:
>
>    - keyword
>    - cve
>    - bugtraq
>    - sid
>
> See the search instructions at: http://snort.org/rule-search-instructionsfor more information on using the enhanced 
> search capabilities.
>
> For those of you using BASE, keep an eye out for an upcoming release.
> Kevin and the BASE team will be updating the direct links back to Snort.org
> for rules documentation.
>
> Finally, the next enhancement will be to add the ability to search by
> Microsoft advisory number.  We'll make an announcement when that feature is
> enabled.
>
> We'd love your feedback,  please email any comments or enhancement requests
> to snort-site () sourcefire com.  Our web developers monitor this list.
>
> Have a great day!
>
> Mike
>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users



-- 
Alex Kirk
AEGIS Program Lead
Sourcefire Vulnerability Research Team
+1-410-423-1937
alex.kirk () sourcefire com

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users