[Oisf-users] question on Emerging Threat Rules

Simon Wesseldine simon.wesseldine at idappcom.com
Mon Nov 3 17:42:37 UTC 2014

Hi William,


Yes, I totally understand and did not intend to purposely promote any of our products.

I was, however responding directly to Raj's question and the answer is in fact my humble opinion.


Consider my wrist slapped;-)


Very best regards,


From: Will Metcalf [mailto:william.metcalf at gmail.com] 
Sent: 03 November 2014 17:37
To: Simon Wesseldine
Cc: oisf-users at lists.openinfosecfoundation.org
Subject: Re: [Oisf-users] question on Emerging Threat Rules




Respectfully, please do not use this list to promote the sale of your products. You will not see me do this for Emerging Threats. I'm sure the last thing people on this list want to see is content devolve into vendors pushing products onto the community.






On Mon, Nov 3, 2014 at 11:04 AM, Simon Wesseldine <simon.wesseldine at idappcom.com> wrote:

Hi Raj,


If you haven't had a look already, please see the rules by idappcom (www.ipssecurityrules.co.uk).

They have a library of vulnerability based rules that are Suricata compatible. What's more, for every rule they have a packet capture to test it with, using the software application 'Traffic IQ Professional' (www.idappcom.com).


A great way to manage your rules from multiple vendors is using the 'Easy Rules Manager (ERM)', again by idappcom.


My advice, if you want complete coverage, then use VRT, ET and IPS-SR rules together.


Best regards,


Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Training now available: http://suricata-ids.org/training/


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20141103/3e1ebad6/attachment-0002.html>

More information about the Oisf-users mailing list