Re: whitehats.com?

• Previous message: Dell, Jeffrey: "RE: whitehats.com?"
• In reply to: Williams Jon: "RE: whitehats.com?"
• Next in thread: Dell, Jeffrey: "RE: whitehats.com?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <3BB10C84.9BFA13EB@sourcefire.com>
Date: Tue, 25 Sep 2001 19:00:20 -0400
From: Martin Roesch <roesch@sourcefire.com>
To: Williams Jon <WilliamsJon@JohnDeere.com>
Subject: Re: whitehats.com?

The rules for Snort are maintained and updated from Snort.org on an
almost daily basis. We don't have the extensive backing information of
arachNIDS at this time, but a larger set of rules are maintained and
updated on the site. For example, if you track snort CVS there was a
ton of rules updates and new rules checked in just last night.

The latest version of snort (1.8.1) and the latest Barnyard also can
generate cross reference links to other databases (arachNIDS, bugtraq,
CVE, McAffee, etc) automatically, so you don't necessarily need to
depend on arachNIDS as much.

      -Marty

Williams Jon wrote:
>
> If arachNIDS isn't being updated, does anyone have a good source for snort
> rules that is?
>
> Jon
>
> -----Original Message-----
> From: McCammon, Keith [mailto:Keith.McCammon@eadvancemed.com]
> Sent: Tuesday, September 25, 2001 1:21 PM
> To: 'Young, Eric'; FOCUS-IDS@securityfocus.com
> Subject: RE: whitehats.com?
>
> Whitehats.com has been down for a couple of days, but this is not entirely
> due to Max's absence. Whitehats, Inc. still runs the site, although they
> have not updated or maintained the site very well. I think the latest
> vision.conf file is from 8-21...
> <snip>

--
Martin Roesch - President, Sourcefire Inc. - (410)552-6999
roesch@sourcefire.com - http://www.sourcefire.com 
Snort: Open Source Network IDS - http://www.snort.org

• Previous message: Dell, Jeffrey: "RE: whitehats.com?"
• In reply to: Williams Jon: "RE: whitehats.com?"
• Next in thread: Dell, Jeffrey: "RE: whitehats.com?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: whitehats.com? ... If arachNIDS isn't being updated, does anyone have a good source for snort ... Jon ... (Focus-IDS) Re: Performance testing ... > when I'm generating noise traffic with the Smartbits. ... > 100 TCP flows from 192.168.66.9-109 random port to ... Professional Snort Sensor and Management Console appliances ... Snort: Open Source Network IDS - http://www.snort.org ... (Focus-IDS) Re: [Snort-sigs] Snort Signatures for LSD-PL.NET Exploit ... > own custom rules file: ... > the packet (a way of increasing the speed of Snort processing packets. ... Snort: Open Source Network IDS - http://www.snort.org ... (Incidents) Re: OpenSource NIDS ... > want to combine a signature based NIDS with a NIDS with strict anomaly ... > model and Snort doesn't really suit, ... Snort: Open Source Network IDS - http://www.snort.org ... (Focus-IDS) Re: [more specific] Signature vs. Protocol Analysis ... Corporate America likes off-the-shelf software. ... I was young and naïve back then and Snort was a lot younger too. ... Snort: Open Source Network IDS - http://www.snort.org ... (Focus-IDS)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint