[Oisf-users] Rule Sets used?
Konstantin Klinger
konstantinklinger at mailbox.org
Mon Jan 27 19:05:46 UTC 2020
Hi David,
This GitHub repo should provide you an overview and answer hopefully most of your questions: https://github.com/King-Konsto/nids-rule-library/blob/master/README.md
Please feel free to open an issue or create a PR if you find a ruleset that is missing on the list.
Further, I haven't played much with Suricata's new dataset feature, which was introduced with Suricata 5.0. I guess there are plenty of feeds one could use with this new feature.
Please don't hesitate to ask further questions, because I've played around with most of the rulesets on the list.
Cheers,
Konstantin
> Am 27.01.2020 um 18:34 schrieb David Decker <x.faith at gmail.com>:
>
>
> What are the general rules most folks use for Suricata?
>
> I know ET rules are popular, but do folks use the Snort Subscriber/Community ect?
>
> Also any other ones (besides customs) that might be good to look at?
>
> Thanks
> X
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
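The reply above mentions the Suricata 5.0 dataset feature as a way to consume feeds without showing what that looks like. The block below is an added example, not code from the post, the linked repo or the Suricata project: it turns a constructed indicator list into dataset files in the format the `dataset` keyword loads and emits the matching rules. It assumes Suricata 5.0 or later with the syntax `dataset:isset,<name>,type <type>,load <file>`, where a `string` dataset holds one base64-encoded value per line and an `md5`/`sha256` dataset holds the hex digest of each value (Suricata hashes the sticky-buffer content before the lookup). The dataset names, file paths, sids and indicator values are made up for illustration; lowercasing and stripping a trailing dot from domains is this example's own choice, because the lookup is an exact match.

```python
"""Build Suricata dataset files and matching rules from a plain indicator list.

Added example, not from the mailing list post or from Suricata itself.
Assumes Suricata >= 5.0 and the 'dataset' rule keyword. All names, paths,
sids and indicator values below are constructed for illustration.
"""
import base64
import hashlib
from pathlib import Path


def normalize_domain(name: str) -> str:
    """Lowercase and drop a trailing dot so 'Evil.Example.' and 'evil.example'
    become one entry. Assumption of this example: the dataset lookup is an
    exact match, so the feed must be normalized to how the traffic looks."""
    return name.strip().lower().rstrip(".")


def dataset_lines(values, kind="string"):
    """Encode values the way Suricata expects on disk for the given dataset type:
    string -> base64 of the value, md5/sha256 -> hex digest of the value.
    Empty and duplicate entries are dropped."""
    lines = []
    seen = set()
    for v in values:
        d = normalize_domain(v)
        if not d or d in seen:
            continue
        seen.add(d)
        raw = d.encode()
        if kind == "string":
            lines.append(base64.b64encode(raw).decode("ascii"))
        elif kind == "md5":
            lines.append(hashlib.md5(raw).hexdigest())
        elif kind == "sha256":
            lines.append(hashlib.sha256(raw).hexdigest())
        else:
            raise ValueError(f"unsupported dataset type: {kind}")
    return lines


def decode_string_dataset(lines):
    """Inverse of a 'string' dataset file: what Suricata would load back."""
    return [base64.b64decode(line).decode() for line in lines]


def write_dataset(path, lines):
    """One entry per line, trailing newline; Suricata reads this at rule load."""
    Path(path).write_text("\n".join(lines) + "\n")


def dns_dataset_rule(name, path, sid, msg="Dataset hit: DNS query in feed"):
    """Alert when the dns.query sticky buffer is a member of the named dataset.
    'isset' only tests membership; 'load' tells Suricata where the file lives."""
    return (f'alert dns any any -> any any (msg:"{msg}"; dns.query; '
            f'dataset:isset,{name},type string,load {path}; '
            f'classtype:bad-unknown; sid:{sid}; rev:1;)')


def user_agent_dataset_rule(name, path, sid, msg="Dataset hit: User-Agent in feed"):
    """Same idea with an md5 dataset: the file holds md5(value), Suricata hashes
    the http.user_agent buffer and looks the digest up, so the file stays small."""
    return (f'alert http any any -> any any (msg:"{msg}"; http.user_agent; '
            f'dataset:isset,{name},type md5,load {path}; '
            f'classtype:bad-unknown; sid:{sid}; rev:1;)')


# Constructed feed for the example; not real indicators.
FEED_DOMAINS = ["evil.example", "Evil.Example.", "c2.test", "", "c2.test"]
FEED_AGENTS = ["EvilAgent/1.0", "Mozilla/4.0 (compatible; FakeBot)"]

if __name__ == "__main__":
    domain_lines = dataset_lines(FEED_DOMAINS, "string")
    write_dataset("/tmp/bad-domains.lst", domain_lines)
    print(dns_dataset_rule("bad-domains", "/tmp/bad-domains.lst", 1000001))
    ua_lines = dataset_lines(FEED_AGENTS, "md5")
    write_dataset("/tmp/bad-agents.lst", ua_lines)
    print(user_agent_dataset_rule("bad-agents", "/tmp/bad-agents.lst", 1000002))
```

Regenerate the files from the feed on a schedule and reload rules; Suricata only reads the dataset file when the rule is loaded, so editing the file alone does not change what the sensor matches. For anything beyond a quick test, defining the datasets under `datasets:` in suricata.yaml instead of `load` in each rule keeps the paths out of the signature text.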