Snort mailing list archives
Re: CVE vs VRT Rules
From: "Bandekar, Ravi" <Ravi.Bandekar () team telstra com>
Date: Tue, 25 Jun 2013 13:33:10 +1000
Hi So If I give you something like the below to add to the VRT rules, are you able to create the custom rules, so we can add it to our environment? CVE ID CVE-2013-1178 CVE ID CVE-2013-1179 CVE ID CVE-2013-1180 Regards Ravi . From: JJ Cummings [mailto:cummingsj () gmail com] Sent: Tuesday, 25 June 2013 11:22 To: Bandekar, Ravi Cc: snort-sigs () lists sourceforge net Subject: Re: [Snort-sigs] CVE vs VRT Rules You can email this list, create one yourself etc... Sent from the iRoad On Jun 24, 2013, at 20:20, "Bandekar, Ravi" <Ravi.Bandekar () team telstra com> wrote: Thanks for the quick reply. What is the process if I need specific CVE-IDs to be added if it isn’t there? . From: JJ Cummings [mailto:cummingsj () gmail com] Sent: Tuesday, 25 June 2013 11:12 To: Bandekar, Ravi Cc: snort-sigs () lists sourceforge net Subject: Re: [Snort-sigs] CVE vs VRT Rules Every rule has reference metadata, if the rule applies to a CVE then said CVE is referenced. GREP FTW! Sent from the iRoad On Jun 24, 2013, at 20:05, "Bandekar, Ravi" <Ravi.Bandekar () team telstra com> wrote: Hi I would like to know how we are able to check if specific CVEs have been added to the VRT rules. Thanks. Kind Regards Ravi Bandekar Security Technology Operations Security Operations, Telstra Operations <image001.png> ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Attachment:
smime.p7s
Description:
------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- CVE vs VRT Rules Bandekar, Ravi (Jun 24)
- Re: CVE vs VRT Rules JJ Cummings (Jun 24)
- Re: CVE vs VRT Rules Bandekar, Ravi (Jun 24)
- Re: CVE vs VRT Rules JJ Cummings (Jun 24)
- Re: CVE vs VRT Rules Bandekar, Ravi (Jun 24)
- Re: CVE vs VRT Rules waldo kitty (Jun 25)
- Re: CVE vs VRT Rules Bandekar, Ravi (Jun 24)
- Re: CVE vs VRT Rules JJ Cummings (Jun 24)