Snort mailing list archives
Re: Reliability of signatures
From: Martin Holste <mcholste () gmail com>
Date: Fri, 4 Feb 2011 11:56:05 -0600
Actually this discussion is helping. It's letting us know what you are interested in.
Ok, cool. So, here's my feedback to SF/ET regarding what will help, and I'll try to summarize the above comments to be sure I have understood them: 1. Up/down vote per gid:sid:rev my analysts can click on at the tail end of an investigation to indicate that something's been helpful with a way to make a note of how it was helpful. 2. Dshield/sidreporter-style automated submissions so that you guys can see the sigs that are flagging on all kinds of FP's right off the bat and also to get a cross-section of what IP's are flagging alerts. 3. Up/down vote for category confidence on a given gid:sid:rev. And, I'd personally add a fourth that I feel is very important: 4. Tag suggestion for a gid:sid:rev with corresponding up/down vote for confidence. I personally want to see 1 and 4 implemented ASAP, and they can be started without retrofitting to all existing signatures. Each datum contributed is value added. ------------------------------------------------------------------------------ The modern datacenter depends on network connectivity to access resources and provide services. The best practices for maximizing a physical server's connectivity to a physical network are well understood - see how these rules translate into the virtual world? http://p.sf.net/sfu/oracle-sfdevnlfb _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Reliability of signatures, (continued)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures Michael Scheidell (Feb 04)
- Re: Reliability of signatures Joel Esler (Feb 04)
- Re: Reliability of signatures Michael Scheidell (Feb 04)
- Re: Reliability of signatures Nigel Houghton (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures Nigel Houghton (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures Nigel Houghton (Feb 04)
- Re: Reliability of signatures Joel Esler (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures beenph (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures Matthew Jonkman (Feb 04)
- Re: [Emerging-Sigs] Reliability of signatures Jim Hranicky (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures waldo kitty (Feb 04)
- Re: [Emerging-Sigs] Reliability of signatures Michael Stone (Feb 10)
- Re: [Emerging-Sigs] Reliability of signatures Michael Scheidell (Feb 10)
- Re: [Emerging-Sigs] Reliability of signatures Matt Olney (Feb 10)
- Re: [Emerging-Sigs] Reliability of signatures Michael Scheidell (Feb 10)