Monday, February 1

Snort Ruleset tuning, by the VRT

Awhile back here on this blog I wrote about PulledPork 0.3.4 being released and about the VRT making the "Connectivity, Balanced, and Security over Connectivity" policies.  Also about how you can use PulledPork to automate the updating of your open source Snort rules to take advantage of these recommendations.

Around about the same time VRT put a post up entitled the "VRT Guide to IDS Ruleset Tuning".  It was a good post, and I didn't really highlight it.  They post some really great examples towards the bottom of the post.  If you run a Snort installation and you've read some of my posts about Snort tuning, and "I've installed Snort, now what".  This is a good read as well.

Check it out here.

No comments:

Call of Duty Error 6034 for the Xbox

Several friends and I play Call of Duty nearly every night.  However, Activision’s most recent multiplayer update broke the heck out of Call...