[Emerging-Sigs] Spyware DNS rules
Matt Jonkman
jonkman at jonkmans.com
Wed Feb 20 10:00:26 EST 2008
Jack Pepper wrote:
>
> New topic: Do you know (from the BT days) how many people actually use
> this ruleset? As you might imagine, I use my own variant that is very
> specific to my environment, so I did not know it had gone offline. I
> decided to reactivate the list based on a thread I saw over on antionline.
Some, but not many. Which is why I didn't go through the effort to re-do
it when we moved. Haven't heard any grumblings about it.
Better will be using the DNSBH as intended of course. We're also looking
into a possible way to use snortsam to push domains to a bind tool of
some sort... Snort's just not the best tool for this.
More as we figure out where to go with it.
Matt
--
--------------------------------------------
Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
--------------------------------------------
PGP: http://www.jonkmans.com/mattjonkman.asc
More information about the Emerging-sigs
mailing list