Snort mailing list archives

specific-threats file messed up?


From: waldo kitty <wkitty42 () windstream net>
Date: Wed, 15 Sep 2010 17:57:32 -0400


just noticing the thread about specific-threats.rules so i took a peek at mine 
and the first thing i note is that it seems to be "broken"... "broken" in that 
there are 6 rules listed /ABOVE/ the copyright boilerplate text...

specific-threats.rules
1:1900:12
1:1901:13
1:1810:15
1:1811:13
1:16287:3
1:12202:3

so i took a peek at all the VRT rules files and found more that are skagged in 
this same manner of rules listed above the copyright boilerplate...

botnet-cnc.rules
1:10403:6
1:13953:4
1:10114:7
1:9418:9
1:10113:7
1:15297:3
1:15296:4
1:15295:4
1:15423:3
1:15481:7
1:15553:4
1:15730:4
1:15938:4
1:16297:3
1:16299:3
1:16298:3
1:16302:3
1:16303:3
1:16304:3
1:16368:3
1:16391:5
1:16441:4
1:16442:3
1:16440:6
1:16439:3
1:16459:5
1:16485:6
1:16484:6
1:16483:4
1:16527:4
1:16528:4
1:16526:3

exploit.rules
1:15490:2
1:15906:3
1:15907:3

oracle.rules
1:3532:7
1:3630:7
1:3631:7

policy.rules
1:490:8
1:493:7

rpc.rules
1:12458:4

telnet.rules
1:492:11
1:718:10

voip.rules
1:12359:5

web-misc.rules
1:976:15

scada.rules and web-activex.rules don't even have a copyright boilerplate 
section in them!

granted, these rules being there doesn't hurt anything due to the format of the 
rules files but still... sumptin' ain't right in the land of gosh'n...



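The check described in the message above, as an added example that is not part of the original post: it reports the gid:sid:rev of every rule (enabled or commented out) that precedes the copyright boilerplate in a rules file, and flags files with no boilerplate at all. It assumes the boilerplate is a comment block with a line containing "Copyright"; the function names and the sample rules are constructed for illustration.

```python
import re

# Assumption: the boilerplate is a comment block with a line containing "Copyright".
COPYRIGHT = re.compile(r"^\s*#.*\bcopyright\b", re.IGNORECASE)
# A rule line starts with a Snort action; a leading "#" marks a disabled rule.
RULE = re.compile(
    r"^\s*(#\s*)?(alert|log|pass|drop|reject|sdrop|activate|dynamic)\s+\S+.*\(.*\)\s*$")
OPTION = {name: re.compile(r"[(;]\s*%s\s*:\s*(\d+)\s*;" % name)
          for name in ("gid", "sid", "rev")}

def rule_id(line):
    """Return 'gid:sid:rev' for a rule line, or None if the line is not a rule."""
    if not RULE.match(line):
        return None
    found = {name: rx.search(line) for name, rx in OPTION.items()}
    if not found["sid"]:
        return None
    gid = found["gid"].group(1) if found["gid"] else "1"  # text rules default to gid 1
    rev = found["rev"].group(1) if found["rev"] else "?"  # "?" marks a missing rev
    return f"{gid}:{found['sid'].group(1)}:{rev}"

def audit(text):
    """Return (has_boilerplate, ids of rules that appear above the boilerplate)."""
    before = []
    for line in text.splitlines():
        rid = rule_id(line)
        if rid:
            before.append(rid)
        elif COPYRIGHT.match(line):
            return True, before
    return False, []  # no boilerplate found, so "above" has no meaning

# Constructed sample: two rules above a placeholder boilerplate line, one below.
SAMPLE = '''\
alert tcp any any -> any 80 (msg:"constructed rule A"; sid:1000001; rev:2;)
# alert udp any any -> any 53 (msg:"constructed rule B"; gid:3; sid:1000002; rev:1;)
# Copyright (constructed placeholder for the boilerplate block)
#
alert tcp any any -> any 25 (msg:"constructed rule C"; sid:1000003; rev:4;)
'''

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:  # e.g. the *.rules files of a ruleset
        with open(path, errors="replace") as fh:
            has, ids = audit(fh.read())
        print(path, ids if has else "no copyright boilerplate")
```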

