[Oisf-users] question on Emerging Threat Rules

Peter Manev petermanev at gmail.com
Mon Nov 3 20:41:45 UTC 2014


On Mon, Nov 3, 2014 at 6:36 PM, Will Metcalf <william.metcalf at gmail.com> wrote:
> Simon,
>
> Respectfully, please do not use this list to promote the sale of your
> products. You will not see me do this for Emerging Threats. I'm sure the
> last thing people on this list want to see is content devolve into vendors
> pushing products onto the community.
>

I second that

> Regards,
>
> Will
>
> On Mon, Nov 3, 2014 at 11:04 AM, Simon Wesseldine
> <simon.wesseldine at idappcom.com> wrote:
>>
>> Hi Raj,
>>
>>
>>
>> If you haven't had a look already, please see the rules by idappcom
>> (www.ipssecurityrules.co.uk).
>>
>> They have a library of vulnerability based rules that are Suricata
>> compatible. What's more, for every rule they have a packet capture to test
>> it with, using the software application 'Traffic IQ Professional'
>> (www.idappcom.com).
>>
>>
>>
>> A great way to manage your rules from multiple vendors is using the 'Easy
>> Rules Manager (ERM)', again by idappcom.
>>
>>
>>
>> My advice, if you want complete coverage, then use VRT, ET and IPS-SR
>> rules together.
>>
>>
>>
>> Best regards,
>>
>> Simon.
>>
>>
>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> Training now available: http://suricata-ids.org/training/
>
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Training now available: http://suricata-ids.org/training/



-- 
Regards,
Peter Manev



More information about the Oisf-users mailing list