<div dir="ltr">I know that NSS Labs used the Telus Security Labs packet capture test cases for their IPS/IDS bakeoffs for years and years. I believe TSL also had Snort signatures to detect those pcaps.<div><br></div><div>The TSL research team was acquired by Trend Micro in early 2018, however, so I'm not sure what happened to that dataset or if Trend offers the same service now.</div><div><br></div><div>When we had them, they were quite expensive - it was like $150k/year for a subscription. But if you wanted to look good on the NSS test, you had to buy-in.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Feb 12, 2020 at 12:17 PM Lucas Augusto Mota de Alcantara <<a href="mailto:lama2@cin.ufpe.br">lama2@cin.ufpe.br</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hello everyone,</div><div><br></div><div>I'd like to know if is there any dataset with malicious packets and the rules which would be triggered by these packets.<br></div></div>
_______________________________________________<br>
Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org" target="_blank">oisf-users@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" rel="noreferrer" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" rel="noreferrer" target="_blank">http://suricata-ids.org/support/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" rel="noreferrer" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
<br>
Conference: <a href="https://suricon.net" rel="noreferrer" target="_blank">https://suricon.net</a><br>
Trainings: <a href="https://suricata-ids.org/training/" rel="noreferrer" target="_blank">https://suricata-ids.org/training/</a></blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">Dave Killion<br></div>