IDS PT Research ruleset (only for non-commercial use)

Started by hushcoden, July 19, 2020, 08:23:04 PM

Before installing that, can anyone please explain what this rule-set provides beyond the standard open rule-set that I'm using?

Tia.

Just more rules, that's worthy :)

My understanding is that the rules discovered by the community are free and the PRO ones are not. This does not mean the PRO rules are more important or critical stuff, but I have several findings; as an example, the latest I can see are these blocked connections:

ETPRO TROJAN ZxShell PortScan Command
ETPRO EXPLOIT revslider_show_image Plugin Local File Inclusion Exploit Attempt

Without PRO rules this would not have been detected and blocked.
https://www.signorini.ch
Protectli Pfsense Mi7500L6 Intel 7Th Gen Core I7 7500U 16Gb Ddr4 Ram
512Gb Msata Ssd
6 X Intel Gigabit Ethernet

I'm currently using the ET Open rule-set, but if you look at the plugin section you'll see not just the Pro rule-set but also the ones as per my subject, hence I'm a bit confused about what the differences are between ET Open / ET Pro and that PT Research ruleset...

Thanks.

Sorry, I misread the topic.

That's actually a good question...

I only know I installed them.