Snort mailing list archives
Re: Please fix or disable emerging-tor.rules
From: "Joel Esler \(jesler\) via Snort-sigs" <snort-sigs () lists snort org>
Date: Tue, 31 Jul 2018 14:29:16 +0000
Bernhard, We do not manage the emerging threats ruleset. Snort-sigs is the mailing list for the official Snort ruleset. Emerging Threats is managed by a third party. -- Joel Esler Manager, Community, Branding, and Open Source Cisco Talos Intelligence Group
On Jul 31, 2018, at 3:41 AM, Bernhard M. Wiedemann <bernhardout () lsmod de> wrote: Signed PGP part Hi, I encountered severe false positives with the https://rules.emergingthreats.net/blockrules/emerging-tor.rules as described in https://lists.emergingthreats.net/pipermail/emerging-sigs/2018-July/028863.html unfortunately nobody seemed to fix it yet, so I'd kindly ask snort to disable use of these broken rules (e.g. in VRT Community) until they are fixed. This will help to improve the life of innocent pool.ntp.org contributors and tor router operators. Ciao Bernhard M. Wiedemann
Attachment:
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Please fix or disable emerging-tor.rules Bernhard M. Wiedemann (Jul 31)
- Re: Please fix or disable emerging-tor.rules Joel Esler (jesler) via Snort-sigs (Jul 31)
- Re: Please fix or disable emerging-tor.rules wkitty42--- via Snort-sigs (Jul 31)