Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
SNORT IDS EMERGINGTHREATS COLLABORATION
2008-11-25	Andre Ludwig	The beginnings of a collaborative approach to IDS
SNORT
2025-01-24/a>	Jesse La Grew	[Guest Diary] How Access Brokers Maintain Persistence
2024-11-26/a>	Jesse La Grew	[Guest Diary] Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware
2022-02-26/a>	Guy Bruneau	Using Snort IDS Rules with NetWitness PacketDecoder
2019-01-12/a>	Guy Bruneau	Snorpy a Web Base Tool to Build Snort/Suricata Rules
2017-04-02/a>	Guy Bruneau	IPFire - A Household Multipurpose Security Gateway
2017-01-26/a>	Xavier Mertens	IOC's: Risks of False Positive Alerts Flood Ahead
2016-11-27/a>	Russ McRee	Scapy vs. CozyDuke
2014-10-23/a>	Russ McRee	Digest: 23 OCT 2014
2013-12-16/a>	Tom Webb	The case of Minerd
2013-08-19/a>	Johannes Ullrich	Running Snort on ESXi using the Distributed Switch
2013-04-03/a>	Mark Hofman	New release of snort is available Snort 2.9.4.5, details on www.snort.org (thanks Bill)
2013-03-27/a>	Rob VandenBrink	Sourcefire VRT Community ruleset is live
2013-01-18/a>	Russ McRee	Sourcefire VRT rules update addresses remote stack buffer overflow in rule 3:20275
2012-08-08/a>	Adrien de Beaupre	snort updated to 2.9.3.1 Changelog: http://www.snort.org/downloads/1837
2012-07-18/a>	Rob VandenBrink	Snort Updated today
2011-03-11/a>	Guy Bruneau	Snort IDS Sensor with Sguil Framework ISO
2011-02-19/a>	Guy Bruneau	Snort Data Acquisition Library
2010-07-29/a>	Rob VandenBrink	Snort 2.8.6.1 and Snort 2.9 Beta Released
2010-05-01/a>	Marcus Sachs	Happy May Day
2009-09-27/a>	Stephen Hall	Use Emerging Threats signatures? READ THIS!
2009-09-17/a>	Bojan Zdrnja	Snort 2.8.5 is out
2008-11-25/a>	Andre Ludwig	The beginnings of a collaborative approach to IDS
2006-12-28/a>	Jim Clausing	Archiving the snort tips
IDS
2024-03-29/a>	Xavier Mertens	Quick Forensics Analysis of Apache logs
2021-04-07/a>	Johannes Ullrich	WiFi IDS and Private MAC Addresses
2018-10-08/a>	Guy Bruneau	Latest Release of rockNSM 2.1
2018-03-11/a>	Guy Bruneau	rockNSM Configuration & Installation Steps http://handlers.sans.org/gbruneau/rockNSM%20as%20an%20Incident%20Response%20Package.htm
2017-09-17/a>	Guy Bruneau	rockNSM as a Incident Response Package
2017-06-08/a>	Tom Webb	Summer STEM for Kids
2017-01-26/a>	Xavier Mertens	IOC's: Risks of False Positive Alerts Flood Ahead
2016-05-26/a>	Xavier Mertens	Keeping an Eye on Tor Traffic
2014-04-03/a>	Bojan Zdrnja	Watching the watchers
2014-02-03/a>	Johannes Ullrich	When an Attack isn't an Attack
2013-09-24/a>	Tom Webb	IDS, NSM, and Log Management with Security Onion 12.04.3
2012-07-21/a>	Rick Wanner	TippingPoint DNS Version Request increase
2012-07-18/a>	Rob VandenBrink	Snort Updated today
2011-05-08/a>	Lorna Hutcheson	Monitoring Virtual Machines
2011-03-03/a>	Manuel Humberto Santander Pelaez	Poor man's DLP solution
2010-07-02/a>	Johannes Ullrich	OISF released version 1.0.0 of Suricata, the open source IDS/IPS engine http://www.openinfosecfoundation.org
2010-06-15/a>	Manuel Humberto Santander Pelaez	TCP evasions for IDS/IPS
2010-06-14/a>	Manuel Humberto Santander Pelaez	Another way to get protection for application-level attacks
2009-12-30/a>	Guy Bruneau	Ready to use IDS Sensor with Sguil
2009-09-27/a>	Stephen Hall	Use Emerging Threats signatures? READ THIS!
2008-11-25/a>	Andre Ludwig	The beginnings of a collaborative approach to IDS
2008-10-06/a>	Jim Clausing	Day 6 - Network-based Intrusion Detection Systems
2008-09-18/a>	Bojan Zdrnja	Monitoring HTTP User-Agent fields
2008-09-10/a>	Adrien de Beaupre	Mailbag: OSSEC 1.6 released, NMAP 4.75 released
2008-05-07/a>	Jim Clausing	OSSEC 1.5 released
EMERGINGTHREATS
2008-11-25/a>	Andre Ludwig	The beginnings of a collaborative approach to IDS
2008-06-02/a>	Jim Clausing	Emergingthreats.net and ThePlanet
COLLABORATION
2008-11-25/a>	Andre Ludwig	The beginnings of a collaborative approach to IDS

SNORT IDS EMERGINGTHREATS COLLABORATION

SNORT

IDS

EMERGINGTHREATS

COLLABORATION