Managing Snort/Suricata rules


Greg Porter

Dec 17, 2015, 10:54:22 AM
to security-onion
Has anyone found a good web-based Snort/Suricata rules? Specifically I am thinking about trying to integrate (https://github.com/StamusNetworks/Scirius)

GP

Jeremy Hoel

Dec 17, 2015, 10:29:58 PM
to securit...@googlegroups.com
I don't know about another tool, but that one is pretty cool. Thanks for the share.

On Thu, Dec 17, 2015 at 8:54 AM, Greg Porter <gspo...@gmail.com> wrote:
Has anyone found a good web-based Snort/Suricata rules? Specifically I am thinking about trying to integrate (https://github.com/StamusNetworks/Scirius)

GP


wedgeshot

Dec 17, 2015, 11:14:44 PM
to security-onion

Scirius is impressive and has some potential. It is great for merging in multiple rule-set lists from different sources plus large category exclusions, but it does fall short. When I needed to disable certain rules in a category, it was annoying enough to punt for now. (I will be keeping an eye on it.)

I'm going to try this one out, hopefully in the near future: https://github.com/gmellini/snort-rules-customization

cat, ed, grep, awk, and cut are how I'm currently gathering certain rules/categories into disablesid for now.
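An added example, not part of wedgeshot's post or of either linked project: one way to collect rule IDs into disablesid with grep and awk, selecting enabled rules by their `msg` text. It assumes "disablesid" is a PulledPork-style file of `gid:sid` lines with `#` comment lines; the function names, the `EXAMPLE` messages and the SIDs are constructed for the demo.

```shell
#!/bin/sh
# Constructed sample rules for the demo (not taken from any real ruleset).
sample_rules() {
cat <<'EOF'
alert tcp any any -> any 80 (msg:"EXAMPLE POLICY chat client login"; flow:established; sid:9000001; rev:2;)
alert udp any any -> any 53 (msg:"EXAMPLE POLICY dns tunnel test"; gid:1; sid:9000002; rev:1;)
# alert tcp any any -> any any (msg:"EXAMPLE POLICY already disabled"; sid:9000003; rev:1;)
alert tcp any any -> any 443 (msg:"EXAMPLE TROJAN beacon"; sid:9000004; rev:5;)
alert tcp any any -> any 80 (msg:"EXAMPLE POLICY chat client login"; flow:established; sid:9000001; rev:2;)
EOF
}

# sids_to_disable REGEX [FILE...]
# Reads rules from FILEs (or stdin), keeps enabled rules whose msg matches REGEX,
# and prints "# msg" followed by "gid:sid" once per rule. gid defaults to 1.
sids_to_disable() {
    pattern=$1
    shift
    # Commented-out rules start with "#", so they never pass this filter.
    grep -hE '^[[:space:]]*(alert|drop|reject|pass|log)[[:space:]]' "$@" |
    awk -v pat="$pattern" '
    function field(re,   s) {          # value after the first colon of the match
        if (!match($0, re)) return ""
        s = substr($0, RSTART, RLENGTH)
        sub(/^[^:]*:[ ]*/, "", s)
        return s
    }
    {
        msg = field("msg:[ ]*\"[^\"]*\"")
        gsub(/"/, "", msg)
        sid = field("[;( ]sid:[ ]*[0-9]+")
        gid = field("[;( ]gid:[ ]*[0-9]+")
        if (gid == "") gid = 1
        key = gid ":" sid
        # Skip duplicates so merged rule sources do not repeat an entry.
        if (sid != "" && msg ~ pat && !(key in seen)) {
            seen[key] = 1
            print "# " msg
            print key
        }
    }'
}

# Demo: list the constructed POLICY rules as disablesid entries.
sample_rules | sids_to_disable 'POLICY'
```

Review the output before appending it to the real file, since a broad regex can match more rules than intended.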