Snort mailing list archives

Previous By Date Next
Previous By Thread Next

The VRT is looking for more good test environments.

From: Joel Esler <jesler () sourcefire com>
Date: Tue, 18 Oct 2011 14:32:57 -0400
Snort-Sigs group,

The VRT is looking for more good test environments.

Over the years we have developed a large rule test environment, both internally at Sourcefire and externally with test 
sensors and customer networks.  We are looking to expand this trusted group of Snort rule contributors.  When we have a 
rule we'd like to deploy "in the wild" we will send these rules into these environments.  We're looking to expand this 
group another 20 or so.

This group needs to have a large variety of things on the network.  Servers, clients, Windows, Macs, Linux, malware, 
the works.  .EDU, .MIL, .GOV, .COM..  These need to be large environments with lots of diversity.  The rules we send to 
you will be governed under the VRT license, and may or may not make it into the official VRT ruleset.  

You will be required to sign a NDA with us in order to be a part of this group, because in addition, as an added 
benefit to being a member of this group, we’ll be giving you access to our blacklist IP ruleset.  This ruleset used by 
the IP reputation preprocessor currently contains about 3 Million IPs, and will change by approximately 20,000 to 
100,000 per day.  

Information we'd need back from you:
        Performance of the rule.
        Detection of the rule (Is it false positive prone?  Is it useful to you?)
        The ability to grab full session packet captures of traffic, if needed.
        The ability to provide the packet captures to us, of course, under the NDA.

As a reward, we will receive a free VRT subscription, Tshirts, calendars, and of course, access to the blacklist IP 
feed.

If you are interested, please respond back to me, personally, at jesler () sourcefire com.  Please do not respond to 
the list, to preserve your anonymity.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: