[Oisf-users] OT: Rule Updates

Phil Daws uxbod at splatnix.net
Sat Nov 7 17:16:10 UTC 2015


Thank you all for your contributions. 

----- On 7 Nov, 2015, at 00:02, Jones, Jason <jasonjones at arbor.net> wrote: 

> Internally we use custom code to pull and insert into a Django-based management
> system that tracks revisions / enable / disable of rules / etc. designed around
> the "non-standard" way we use Suricata in our malware setup, so not much help
> :)

> I recently heard about Scirius, a web app to manage rules that is part of SELKS
> and appears to support both import from ET rulesets and other one-offs like the
> SSL Blacklist feed from abuse.ch. Seems similar to the setup that I built, but
> never used:

> https://github.com/StamusNetworks/scirius

> On Fri, Nov 6, 2015 at 10:14 AM, Phil Daws <uxbod at splatnix.net> wrote:

>> Hello,

>> What are people using now to update their rules? I used to use pulledpork for
>> fetching both ET and Snort open rules but that no longer seems to work.

>> Thanks, Phil

>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
> --
> Jason Jones
> ASERT Security Research Analyst
> PGP Key: 0x3CD1DDE