[Oisf-users] Any other Rules set except emerging threats rules and VRT?
Cooper F. Nelson
cnelson at ucsd.edu
Thu Jan 9 18:44:46 UTC 2014
EmergingThreats is a signature community, so it already accepts signatures
from many independent researchers and groups. As mentioned, they also
have a supported "premium" feed that includes additional signatures
(mostly malware). New signatures are released mostly daily.
We have a big network and even with aggressive rule thresholding we are
seeing tens of thousands of high-severity alerts on our network daily.
-Coop
On 1/9/2014 7:26 AM, John Zhang wrote:
> Hi everyone,
>
> For suricata rules, except emerging threats rules and VRT, do you have any
> other rule set for reference? and have some reference for comparing
> emerging threats rules and VRT?
>
> Any suggestion, comment will be highly appreciated!
>
> Thanks!
>
> Best regards,
>
> John
--
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042