Snort mailing list archives
Re: VRT Rule Search is Back on Snort.org
From: Alex Kirk <akirk () sourcefire com>
Date: Wed, 4 Nov 2009 12:39:06 -0500
If you have false positive, send it in to research () sourcefire com. The VRT monitors that list and will respond to submissions there. On Wed, Nov 4, 2009 at 12:29 PM, Jefferson, Shawn < Shawn.Jefferson () bcferries com> wrote:
Can you provide a mechanism for us to submit false positive information via this interface somehow? ------------------------------ *From:* Mike Guiterman [mailto:mguiterman () sourcefire com] *Sent:* Wednesday, November 04, 2009 9:15 AM *To:* Snort Users List; snort-sigs () lists sourceforge net *Subject:* [Snort-users] VRT Rule Search is Back on Snort.org Hi everyone, The updated VRT Rule Search feature is now live on Snort.org. Check it out at: http://snort.org/search. Full text search supports the following: - Single keyword or SID search (ex – ‘windows’, ‘mysql’, ‘linux’) - Multiple keyword search (ex – ‘windows 2000’, ‘mysql 4.10’) - Multiple keyword search with terms joined by the AND, OR, and NOTboolean operators (ex – ‘windows AND 2000 NOT xp’) You can also search by rule fields to narrow your search results. The available fields are: - keyword - cve - bugtraq - sid See the search instructions at: http://snort.org/rule-search-instructionsfor more information on using the enhanced search capabilities. For those of you using BASE, keep an eye out for an upcoming release. Kevin and the BASE team will be updating the direct links back to Snort.org for rules documentation. Finally, the next enhancement will be to add the ability to search by Microsoft advisory number. We'll make an announcement when that feature is enabled. We'd love your feedback, please email any comments or enhancement requests to snort-site () sourcefire com. Our web developers monitor this list. Have a great day! Mike ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Alex Kirk AEGIS Program Lead Sourcefire Vulnerability Research Team +1-410-423-1937 alex.kirk () sourcefire com
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- VRT Rule Search is Back on Snort.org Mike Guiterman (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Jefferson, Shawn (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Alex Kirk (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Nigel Houghton (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Alex Kirk (Nov 04)
- Re: VRT Rule Search is Back on Snort.org Jefferson, Shawn (Nov 04)