the de facto standard in IPS  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Snort Downloads Snort Rules Snort Docs Snort Training Snort Forums Snort Community Snort Store
Search Site
Search Rules
Account
email
password
not registered?
can't login?
user preferences

News

Submit News News Feeds Questions?
-
(Displaying 1 - 10 of 723)
VRT Rules Support for Snort v2.6 End of Life Announcement Mike Guiterman (Sourcefire) @ October 08, 2008 12:01:39
In accordance with the VRT Lifecycle Policy http://www.snort.org/vrt/eol.html Sourcefire is announcing the End of Life (EOL) of VRT Rules support for Snort v2.6.x effective November 3, 2008. EOL for version 2.6.x was originally announced on March 3, 2008 to be effective on June 3, 2008. However the VRT has been able to extend that support through the beginning of November.

The Sourcefire VRT develops rules that take advantage of the latest features and capabilities in Snort. Although the VRT makes every effort to convert new and updated rules for use in older versions of Snort, it is not always possible. In the case of v2.6, it has become impossible for the VRT to provide rules updates. Sourcefire strongly encourages all users of Snort v2.6.x to upgrade the current version of Snort, v2.8.3.1


Please feel free to contact me with any questions.

Regards

Mike



Mike Guiterman
Snort Community Manager
Sourcefire, Inc.
mike.guiterman@sourcefire.com
(410)423-1930
We moved the VRT blog VRT (Sourcefire) @ October 07, 2008 12:40:54

We have moved the VRT blog to http://vrt-sourcefire.blogspot.com. In the coming weeks we will include the feed from the blog here.

In the meantime, feel free to get your VRT news and gossip from the link above.
VRT Certified Rules Update Available Sourcefire VRT (Sourcefire) @ October 06, 2008 17:29:27

This release contains a number of rule modifications and new rules in the netbios and exploit rule categories.

These rules are available to subscribers only until Wednesday, November 5, 2008.

Download rules | view advisory | view changelog | subscribe now.
Snort 2.8.3.1 Now Available Snort Team (Sourcefire) @ October 06, 2008 16:32:13
Snort 2.8.3.1 is now available on snort.org, at http://www.snort.org/dl/

Snort 2.8.3.1 resolves an issue in rule latency thresholding.

Please see the release notes and changelog for more details.

Happy Snorting!
The Snort Release Team
VRT Certified Rules Update Available Sourcefire VRT (Sourcefire) @ September 24, 2008 13:40:59

The Sourcefire VRT has added multiple rules in the web-client and voip categories to provide coverage for emerging ActiveX control and exploit threats.

These rules are available to subscribers only until Friday, October 24, 2008.

Download rules | view advisory | view changelog | subscribe now.
VRT Certified Rules Update Available Sourcefire VRT (Sourcefire) @ September 18, 2008 14:51:02

The Sourcefire VRT has added multiple rules in the web-client and exploit categories to provide coverage for emerging ActiveX control and exploit threats.

These rules are available to subscribers only until Saturday, October 18, 2008.

Download rules | view advisory | view changelog | subscribe now.
Snort Users Webinar - Wed. Sept. 17 Mike Guiterman (Sourcefire) @ September 15, 2008 16:40:04
On behalf of the Snort Team at Sourcefire, I’d like to invite you to attend the next session of the Snort Users Webinar Series.

In this session Matt Olney of the Sourcefire Vulnerability Research Team (VRT) will present Performance Rules Creation: Rules Options and Techniques. Matt will look at the use of several different rule options by examining their use in published VRT rules.


For an in depth example of the material to be covered see the Matt’s VRT Rants Post from Sept. 5: http://www.snort.org/pub-bin/vrtnews.cgi

Webinar details

Date: September 17, 2008
Time: 1:00 PM US Eastern Daylight Time (GMT -4:00)

To register for this webinar visit:
https://sourcefireevents.webex.com/sourcefireevents/onstage/g.php?t=a&d=663541041

As always this session will be recorded and posted on Snort.org for future use.

Part I in this series was presented on June 4, 2008. You may want to review the archived session prior to the session. The archive is available at: http://www.sourcefire.com/resources/snort-webcast-access?sfext=snorthome1

I hope you can join us.

Regards,

Mike
VRT Certified Rules Update Available Sourcefire VRT (Sourcefire) @ September 09, 2008 16:00:21

The Sourcefire VRT is aware of multiple vulnerabilities affecting Microsoft products and SCADA systems.

These rules are available to subscribers only until Thursday, October 9, 2008.

Download rules | view advisory | view changelog | subscribe now.
Snort 2.8.3 Now Available Snort Release Team (Sourcefire) @ September 05, 2008 15:04:34
Snort 2.8.3 is now available on snort.org, at http://www.snort.org/dl/

Snort 2.8.3 introduces:

- MPLS decoding support

- Improvements to HTTP Inspect to provide more information to the rules
language

- Several other improvements and fixes

Please see the release notes and changelog for more details.

Happy Snorting!
The Snort Release Team
OSSEC HIDS 1.6 Released Mike Guiterman (Sourcefire) @ September 02, 2008 15:46:51

From Daniel Cid of the OSSEC Team

"The OSSEC team is pleased to announce the general availability of
OSSEC version 1.6.

OSSEC is an Open Source Host-based Intrusion Detection System. It
performs log analysis, integrity checking,
Windows registry monitoring, rootkit detection, real-time alerting and
active response. It runs on most operating systems,
including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

This new version delivers the most comprehensive update to OSSEC in
its history, with numerous new features and bug fixes, including:

* New multi-server architecture
* New platform support for Microsoft Vista (and Server 2008)
* New platform support for VMware ESX
* Added active response module for Windows
* CIS benchmarks on Linux (through the policy auditing)
* Added the VMWare Security hardening guideline to the policy auditing
* Added support for McAfee VirusScan Enterprise logs
* Added support for VMware ESX hostd logs
* Added support for Mac OS FTP server logs
* New tools to better manage the data stored (syscheck_control,
rootcheck_control, log_test)

And much more… Check the release message for more information:
http://www.ossec.net/main/ossec-v16-released

Download it from: http://www.ossec.net/main/downloads"

Congratulations on the release guys!

-
(Displaying 1 - 10 of 723)
site feedback | Terms of Use | Privacy Policy | forum archives ©2008 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.