Tuesday, November 18, 2008

New rule groups and new rules for SCADA

Today's VRT Certified Rule release sees the introduction of two new rule groupings, scada.rules and web-activex.rules.

SCADA Rules:
This group contains rules that pertain to the Supervisory Control and Data Acquisition (SCADA) protocol used for computer controlled system monitoring and process control.

Web-ActiveX Rules:
This group contains rule that were formerly in the web-client.rules group. It has been created to better manage the large number of ActiveX rules now in the VRT certified rule set.

These groups would of course need to be added to snort.conf as appropriate if you wanted to use them. Feedback is always welcome and we'd particularly like to hear about your experiences with the SCADA rule set.

Here's the link to today's release: http://www.snort.org/vrt/advisories/vrt-rules-2008-11-18.html

No comments:

Post a Comment