[Oisf-users] question on Emerging Threat Rules
Simon Wesseldine
simon.wesseldine at idappcom.com
Mon Nov 3 17:04:42 UTC 2014
Hi Raj,
If you haven't had a look already, please see the rules by idappcom
(www.ipssecurityrules.co.uk).
They have a library of vulnerability based rules that are Suricata
compatible. What's more, for every rule they have a packet capture to test
it with, using the software application 'Traffic IQ Professional'
(www.idappcom.com).
A great way to manage your rules from multiple vendors is using the 'Easy
Rules Manager (ERM)', again by idappcom.
My advice, if you want complete coverage, then use VRT, ET and IPS-SR rules
together.
Best regards,
Simon.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20141103/7b8516b8/attachment-0002.html>
More information about the Oisf-users
mailing list