New Location For (Bleeding-Edge) Snort Sigs 26
Vantage writes "A few of us have gotten together and built a snort 'signature repository.' ... This is a place for everyone to post their personal and company-made signatures and to take a look at and use those submitted by others. It is by no means a replacement for the snort.org signature base, but it will help to get signatures out there for brand new vulnerabilities. We are hoping that those snort users in the /. community will add there sigs to this database. We are looking to add any and all signatures herem so please feel free to post all of your sigs."
Um.. built? (Score:5, Insightful)
Is this just a forum for posting stuff, with the concept being "post snort sigs here asap"?
Why would anyone anywhere use this? you lose all the potential that the concept has by slamming it into a generic system. Why not create a db system that has various intrusion characteristics as bools, and you can attach a sig to a textual report with flagged characteristics, and then let admins and such search the db by characteristic or description text, or affected apps/protocols, etc. Other admins could hit a "have seen in wild" button to let the site rank various intrusion techniques by how common they are.. There is a lot of potential, and it is all squandered. Back to the drawing board.
Re:Um.. built? (Score:1)
Re:Um.. built? (Score:2)
Those ideas were just from looking at what snort is on their page, and taking a guess at what a snort sig does based on the post and the app page.
My first thought was that this entire story was just a clever troll of some type. I mean, my ideas took about 2 minutes from a complete dead start with no real interest i
phpBB2? (Score:3, Interesting)
MySQL database login details (Score:4, Funny)
config.php [gitflorida.com]
Re:MySQL database login details (Score:2)
Re:MySQL database login details (Score:2)
(too british, i wonder?)
Re:MySQL database login details (Score:2)
I've heard it in American law enforcement. I believe it has the same meaning.
Re:MySQL database login details (Score:2)
IIRC, the literal meaning is "a pregant camel". That one doesn't come up too often, though.
Re:MySQL database login details (Score:1)
quickly set up crappy site (Score:4, Funny)
Systems (Score:4, Informative)
Re:Systems (Score:2)
I don't recommend Slashcode. It's really big, and does lots and lots of great stuff, but literally you'll spend the first month trying to figure the whole thing out. If you want a site like Slashdot, then go for it, but it didn't appear that's what you were trying to do.
Re:Systems (Score:3, Informative)
What, in addition to public access to shared sigs, are you really trying to get at? Would a moderation/voting/popularity function be desired, a wiki-style public read/write forum where they could evolve, better search and classification capabilities, etc.?
By the way, its not a bad idea, but it would have helped to be more descriptive in your vision for it and maybe better tool selection.
Snorting cigs? (Score:2, Funny)
Re:Snorting cigs? (Score:2)
Re:What the fuck is a 'snort'? (Score:2, Informative)
Re:What the fuck is a 'snort'? (Score:3, Informative)
That would require editors. (Score:1, Offtopic)
RE: Snort rules (Score:4, Insightful)
I maintain 3 snort servers. Most of my snort rules are very uninteresting, and are used in limiting alerts, and getting rid of false positives due to limited computer resources. We cannot afford to have 10,000 or more alerts per day. The most interesting thing I have written for snort is a simple update utility that gets new rules every 24 hours.
Just my 2 cents.
Re: Snort rules (Score:2, Interesting)
As for the reasoning behind this. I have debated this with dozens of people in the last week. Snort.org and the sourceforge snort list are great resources.. but few people submit things that they think are only good for there INTERNAL use and nothing makes it into the signature-base until it gets approved... in my instalation and in others there is