Re: Sid Questions

Not in particular. They're informational. We had them submitted around 
one of the virus outbreaks. I think it was around the first big zip 
attachment outbreak. People were more interested in things that were 
getting downloaded at that time since we didn't know all the attack vectors.

I've disabled most of that set. Thanks for asking the question, makes us 
look back at what's on.

In the next big outbreak when we don't know what's coming I'll turn them 
back on by default. Anyone interested in using them still can re-enable 
them automatically with oinkmaster or something similar. They'll remain 
in the ruleset.

Matt

Rowland, Krisa W ERDC-ITL-MS Contractor wrote:
> I am getting alerts on sid 2000425 - the downloading for the NE and ELF 
> formats.  Are these something I need to worry about?  I mean - is there 
> something particularly malicious about these formats??  I followed the 
> link that was in the alert - but it was just a basic explanation of the 
> format. 
>
> Krisa Rowland
> ERDC Information Assurance Team
> (SAIC Contractor)
> 3909 Halls Ferry Rd.,  Bldg. 8000
> Vicksburg, MS 39180
> 601-634-2493
> krisa.w.rowland@xxxxxxxxxxxxxxxxxxx


-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl