snort-sigs February 2011 archive
Main Archive Page > Month Archives  > snort-sigs archives
snort-sigs: [Snort-users] VRT Blog Post, blacklist.rules

[Snort-users] VRT Blog Post, blacklist.rules

From: Joel Esler <jesler_at_nospam>
Date: Tue Feb 08 2011 - 22:56:04 GMT
To: Snort-Users Users <>,

I just wanted to bring this blog post to everyone's attention (if you aren't a VRT blog subscriber...)

It details how we create the blacklist.rules file that is included in the VRT rules (now with blacklisted user-agents!) There was some discussion about a week ago about the blacklist, botnet-cnc, and phishing-spam rules, so Alex Kirk wrote up this great blog entry with some pointers to the raw data that we product out of the ClamAV Malware repository.

Check it out.

-- Joel Esler && ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. _______________________________________________ Snort-users mailing list Go to this URL to change user options or unsubscribe: Snort-users list archive: