On 12/16/2010 11:07 AM, Bonno Bloksma wrote:
Hi Pete,
> Hello Sniffer Folks,
>
> We have had a bad rule event.
> The bad rules were created near 0830E, and removed by
1030E.
[...]
Regarding this event A while
ago we talked about sniffer installations exchanging
rule-panic info via the GUBdb sync info as that is happening
every (few) minute(s) in stead of every few hours.
Any idea when a new version of
Sniffer with that feature will be launched?
Actually -- rule-panics are triggered instantaneously based on local
GBUdb data.
Auto-Panic:
When a relatively new rule conflicts with a known good IP on your
system that rule is made inert until the next rulebase update.
The next full release will include features for near-real-time rule
additions and removals.
We plan to begin releasing interim updates of the SNF engine with
some of these features early next year.
We plan to complete the next full release by Q3.
_M
--
Pete McNeil
Chief Scientist
ARM Research Labs, LLC
www.armresearch.com
866-770-1044
x7010
#
This message is sent to you because you are subscribed to
the mailing list .
This list is for discussing Message Sniffer,
Anti-spam, Anti-Malware, and related email topics.
For More information see http://www.armresearch.com
To unsubscribe, E-mail to:
To switch to the DIGEST mode, E-mail to
To switch to the INDEX mode, E-mail to
Send administrative queries to
