<div dir="ltr">Simon,<div><br></div><div>Respectfully, please do not use this list to promote the sale of your products. You will not see me do this for Emerging Threats. I'm sure the last thing people on this list want to see is content devolve into vendors pushing products onto the community.<div><br></div><div>Regards,</div><div><br></div><div>Will</div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 3, 2014 at 11:04 AM, Simon Wesseldine <span dir="ltr"><<a href="mailto:simon.wesseldine@idappcom.com" target="_blank">simon.wesseldine@idappcom.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-GB" link="blue" vlink="purple"><div><p class="MsoNormal">Hi Raj,<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">If you haven't had a look already, please see the rules by idappcom (<a href="http://www.ipssecurityrules.co.uk" target="_blank">www.ipssecurityrules.co.uk</a>).<u></u><u></u></p><p class="MsoNormal">They have a library of vulnerability based rules that are Suricata compatible. What's more, for every rule they have a packet capture to test it with, using the software application 'Traffic IQ Professional' (<a href="http://www.idappcom.com" target="_blank">www.idappcom.com</a>).<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">A great way to manage your rules from multiple vendors is using the 'Easy Rules Manager (ERM)', again by idappcom.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">My advice, if you want complete coverage, then use VRT, ET and IPS-SR rules together.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Best regards,<u></u><u></u></p><p class="MsoNormal">Simon.<u></u><u></u></p></div></div><br>_______________________________________________<br>
Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org">oisf-users@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" target="_blank">http://suricata-ids.org/support/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
Training now available: <a href="http://suricata-ids.org/training/" target="_blank">http://suricata-ids.org/training/</a><br></blockquote></div><br></div>