[Emerging-Sigs] Additional clean-up

[Frank Knobbe]

In addition to Matt's CURRENT_EVENTS clean-up, I went through all rules
this past Saturday and added missing flow statements. I also
added/changed the EXTERNAL_NET var on a lot of rules. We should strive
to conform to the EXTERNAL_NET/HOME_NET set up. I'm aware that some
threats come from the inside, but in that case you would set
"EXTERNAL_NET" to "any" anyway so that the other rules fire, including
Snort/VRT rules.

Regards,
Frank



-- 
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20080519/9038a4ea/attachment.bin