Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Emerging Threats is an open source community project. Through the support of our community we are able to produce the fastest moving and most diverse Snort Signature set and firewall rules available. Other related projects find a home here as well. Matt Jonkman manages this project.
Our content is free to use by any user or organization, commercial or private. We only ask that when you detect new threats in your environment or write new rules suitable for public release that you share that intelligence with the community at large. We update these rulesets as new information surfaces (usually several times a day 7 days a week) and highly recommend you update at least twice a week to stay up to date. Daily is your best bet.
Emerging Threats has been in operation under several names for over 5 years. We were formed originally as Bleeding Snort, but had to remove Snort from our name several years later when Sourcefire went public. We then became Bleeding Threats. That project had to be abandoned and is defunct unfortunately because of some possible license conflicts that appeared to be arising, so the entire ruleset was moved here, to Emerging Threats. In 2008 we received grant funding from the Army Research Office and the National Science Foundation to continue this project and research.
Yes. Been using their rules since they were called Bleeding Snort.
Quote:
Originally Posted by Jim Bengtson
Are they for real?
Definately are. The obvious problem with Snort becoming Sourcefire was that paying customers gained instant rule access while non-paying users (who actually may have even helped Snort by developing and modifying rules and promoting the SW) were forced to wait a period. Emerging Threats rules are free and updated regularly.
Definately are. The obvious problem with Snort becoming Sourcefire was that paying customers gained instant rule access while non-paying users (who actually may have even helped Snort by developing and modifying rules and promoting the SW) were forced to wait a period. Emerging Threats rules are free and updated regularly.
I believe when Sourcefire releases new/revised rules, they initially give them to their subscribed customers, then release them to the the non-subscribed a week later.
I'm pretty sure you're aware of this (and I'm gonna summarize, so those who may poke holes later, just be aware that I'm trying to avoid a long and winded account of things), but the word is that Sourcefire was concerned that there were a lot of corporate entities that were using their rules and not contributing to them, to the extent that some were actually making money off of their rules. They wanted to prevent abuse of their good nature, I believe. Not that I agree or not agree.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
