Awhile back here on this blog I wrote about PulledPork 0.3.4 being released and about the VRT making the "Connectivity, Balanced, and Security over Connectivity" policies. Also about how you can use PulledPork to automate the updating of your open source Snort rules to take advantage of these recommendations.
Around about the same time VRT put a post up entitled the "VRT Guide to IDS Ruleset Tuning". It was a good post, and I didn't really highlight it. They post some really great examples towards the bottom of the post. If you run a Snort installation and you've read some of my posts about Snort tuning, and "I've installed Snort, now what". This is a good read as well.
Check it out here.
Subscribe to:
Post Comments (Atom)
-
Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so... -
While on MacOS (and iOS) you can use the Share Sheet from Safari to share a webpage to Notes, it only shares the title, URL, and the favicon...
-
National Post Damn this makes me mad. The Runaway Bride is going to cash in... grrr..
No comments:
Post a Comment