[Oisf-users] Emerging Threats rules

Cooper F. Nelson cnelson at ucsd.edu
Wed Jul 12 23:44:12 UTC 2017


Send the error text to me privately; I have a feeling you are loading
something that isn't an actual rules file.

Only files with .rules extensions should be loaded:

> activex.rules
> attack_response.rules
> botcc.portgrouped.rules
> botcc.rules
> chat.rules
> ciarmy.rules
> compromised.rules
> current_events.rules
> dns.rules
> dos.rules
> drop.rules
> dshield.rules
> exploit.rules
> ftp.rules
> games.rules
> icmp.rules
> icmp_info.rules
> imap.rules
> inappropriate.rules
> info.rules
> local.rules
> malware.rules
> misc.rules
> mobile_malware.rules
> netbios.rules
> p2p.rules
> policy.rules
> pop3.rules
> rbn-malvertisers.rules
> rbn.rules
> rpc.rules
> scada.rules
> scada_special.rules
> scan.rules
> shellcode.rules
> smtp.rules
> snmp.rules
> sql.rules
> telnet.rules
> tftp.rules
> tor.rules
> trojan.rules
> user_agents.rules
> voip.rules
> web_client.rules
> web_server.rules
> web_specific_apps.rules
> worm.rules



-Coop

On 7/12/2017 4:39 PM, Charlie Dyer wrote:
> Hello
>
> I'm quite confused, starting Suricata pointing at all the rule files
> from ETPro results in hundreds if not thousands of errors concerning
> these rules, mostly errors like "SC_ERR_INVALID_SIGNATURE".
>
> Is there a particular Suricata-compatible ruleset one should use instead?
>
> I mean, I use the same rule set with Snort and that errors too. What
> software are ETPro rulesets designed for?
>
> Many thanks
>
>

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
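
An added example, not part of the original message or of Suricata itself: a small audit that keeps only `.rules` files whose contents actually look like signatures and renders them as a `rule-files:` list for suricata.yaml. The function names, the heuristic shape check, the action list and the sample file contents are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Assumed list of rule actions that may start a signature.
ACTIONS = {"alert", "pass", "drop", "reject", "rejectsrc", "rejectdst", "rejectboth"}
# Heuristic shape check only: "<action> <proto> ... (options)"
RULE_RE = re.compile(r"^(\w+)\s+\S+\s+.*\(.*\)\s*$")

def looks_like_rules(text):
    """True if every non-blank, non-comment line has the shape of a signature."""
    pending = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not pending and (not line or line.startswith("#")):
            continue
        if line.endswith("\\"):  # rule continued on the next line
            pending += line[:-1] + " "
            continue
        rule, pending = pending + line, ""
        m = RULE_RE.match(rule)
        if not m or m.group(1) not in ACTIONS:
            return False
    return pending == ""

def audit(files):
    """files: {name: content}. Returns (loadable, skipped) name lists, sorted."""
    loadable, skipped = [], []
    for name, text in sorted(files.items()):
        ok = name.endswith(".rules") and looks_like_rules(text)
        (loadable if ok else skipped).append(name)
    return loadable, skipped

def rule_files_yaml(loadable):
    """Render the rule-files list for suricata.yaml."""
    return "rule-files:\n" + "".join(f" - {n}\n" for n in loadable)

def audit_dir(path):
    """Same audit, reading every regular file in a rules directory."""
    p = Path(path)
    return audit({f.name: f.read_text(errors="replace") for f in p.iterdir() if f.is_file()})

# Constructed sample: rule files plus support files that are not rules.
SAMPLE = {
    "local.rules": 'alert tcp any any -> any 80 (msg:"constructed test rule"; sid:1000001; rev:1;)\n',
    "dns.rules": '# all rules commented out\n#alert udp any any -> any 53 (msg:"x"; sid:1000002;)\n',
    "classification.config": "config classification: not-suspicious,Not Suspicious Traffic,3\n",
    "sid-msg.map": "1000001 || constructed test rule\n",
    "notes.rules": "1000001 || constructed test rule\n",  # right extension, wrong content
}
```

Calling `audit_dir()` on the real rules directory and comparing the skipped list with what the configuration currently loads shows which entries would produce signature parse errors.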

