This is a discussion on [Snort-users] Packet Payload database? within the Snort forums, part of the System Security and Security Related category.
Is there a database available to the public that has captures of what some of these rules are looking for? I have looked around and not been able to find one.

If older rules have broad definitions that later on produce false positives, people cannot improve them without knowing what the rule was originally constructed for. With a database like this available it will help older rules be even more fine-tuned as newer net traffic (homegrown apps) might incorporate traffic bits that produce false positives.

I think that something along these lines would fit in perfectly with the current snort-rules documentation and would be easy to keep up to date. As new rules come up, simply attach the payload you produced it from.

Scott