[Full-Disclosure] Snort Signature Database.... Sort of

["James Ashton" <James@xxxxxxxxxxxxxxxxxx>]

I, amoung many other people that I know, Are interested in keeping our snort 
instalations as relivant as possible. 
The most important single activity in this is to keep the signature base up to 
date. I think that the snort.org guys have done a realy wonderful job of 
releasing signatures frequently, But I would like to be able to keep more up to 
the minute with new exploits than they or any other group realy can. 

I run regular searches and often see people posting signatures on this and 
other lists but....   I thought it would be handy to have a single  
"repository" of sorts. So with this in mind I set up phpBB (Yeah   I know) and 
am opening it up to everyone while I work on a better interface to put our 
signatures into I figured that this was easy and searchable.  

I would ask that yourpost titles be relevant to the signature... such as   

"Microsoft - SSLv3 sig - new"   or  

"Cisco IOS 12.1 buffer overflow attack  production"

This will make it easier down the road, If anyone actualy uses this,  and the 
signature base grows...    I am planning to keep this up no matter how big it 
gets.   So I am hoping that People will use it and make suggestions.

Link:   http://www.snort.gitflorida.com/phpBB2/

Well,   Anyone think this is a workable idea....  I am hoping it will help us 
all keep up to date.


James Ashton

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html