[Oisf-devel] placement and SIDs for new rules
David Mandelberg
dmandelb at bbn.com
Fri Dec 7 21:59:22 UTC 2012
On Fri, 2012-12-07 at 08:46 -0500, Matt Jonkman wrote:
> On Fri, Dec 7, 2012 at 4:22 AM, Victor Julien <victor at inliniac.net>
> wrote:
> As to where these rules belong, that is an interesting
> question. Maybe
> we distribute them with Suricata at first, then when the
> set(s)
> stabilize we can see if it makes sense to talk to ET about
> integrating?
> ET is always welcoming of rules of use! If they work for you and you
> can share please do, we'll take care of them.
The rules depend on a new variable though. Is it possible to add them to
ET in the short term without breaking things for people running versions
of Snort or Suricata before the variable is introduced?
More information about the Oisf-devel
mailing list