Snort mailing list archives
Re: ENABLED vs DISABLED
From: "Joel Esler \(jesler\) via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 29 Jul 2020 21:56:56 +0000
Dear Anthony, Thanks for your email. I believe you will find what you are looking for here: https://www.snort.org/faq/why-are-rules-commented-out-by-default -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org
On Jul 29, 2020, at 4:01 PM, Filice II, Anthony via Snort-sigs <snort-sigs () lists snort org> wrote: All, Does anyone know why this new release shows DISABLED. Especially when several are still currently being exploited? * 1:54637 <-> DISABLED <-> SERVER-WEBAPP Zoom Client ZoomOpener remote code execution attempt (server-webapp.rules) * 1:54636 <-> DISABLED <-> SERVER-WEBAPP Zoom Client ZoomOpener remote code execution attempt (server-webapp.rules) * 1:54650 <-> DISABLED <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt (server-webapp.rules) * 1:54649 <-> DISABLED <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt (server-webapp.rules) _______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org <mailto:Snort-sigs () lists snort org> https://lists.snort.org/mailman/listinfo/snort-sigs <https://lists.snort.org/mailman/listinfo/snort-sigs> Please visit http://blog.snort.org <http://blog.snort.org/> for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette <https://snort.org/faq/what-is-the-mailing-list-etiquette> Visit the Snort.org <http://snort.org/> to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads <https://snort.org/downloads/#rule-downloads>">emerging threats</a>!
Attachment:
smime.p7s
Description:
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- ENABLED vs DISABLED Filice II, Anthony via Snort-sigs (Jul 29)
- Re: ENABLED vs DISABLED Joel Esler (jesler) via Snort-sigs (Jul 29)