This is cache of http://taosecurity.blogspot.com/2008/02/snort-report-13-posted.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
Snort Report 13 Posted
2008-02-14 22:05:00 by Richard Bejtlich in TaoSecurity
 
My 13th Snort Report titled How to use shared object rules in Snort is posted. From the start of the article:

Shared object (SO) rules were introduced in Snort 2.6.0 in early 2006 to provide a means to obscure the exact detection mechanism used in the rule and allow for more flexible detection criteria. However, for the most part, organizations have continued to rely upon traditional Snort rules. This may be about to change, in light of a recent security advisory from Sourcefire. Let's take a look at how to get shared object rules working on Snort sensors.

If you have questions on Snort you'd like me to try to answer, please post them as comments here. Thank you.
Copyright 2003-2008 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
 
Tags: snort, snort sensors, 13th snort report, rules, object rules, traditional snort rules, object, recent security advisory, taosecurity
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia