I, amoung many other people that I know, Are interested in keeping our snort instalations as relivant as possible. The most important single activity in this is to keep the signature base up to date. I think that the snort.org guys have done a realy wonderful job of releasing signatures frequently, But I would like to be able to keep more up to the minute with new exploits than they or any other group realy can.
I run regular searches and often see people posting signatures on this and other lists but.... I thought it would be handy to have a single "repository" of sorts. So with this in mind I set up phpBB (Yeah I know) and am opening it up to everyone while I work on a better interface to put our signatures into I figured that this was easy and searchable. I would ask that yourpost titles be relevant to the signature... such as "Microsoft - SSLv3 sig - new" or "Cisco IOS 12.1 buffer overflow attack production" This will make it easier down the road, If anyone actualy uses this, and the signature base grows... I am planning to keep this up no matter how big it gets. So I am hoping that People will use it and make suggestions. Link: http://www.snort.gitflorida.com/phpBB2/ Well, Anyone think this is a workable idea.... I am hoping it will help us all keep up to date. James Ashton _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
