Posted by Signature Analyst | Posted in Uncategorized | Posted on 24-02-2010
Threat Intelligence Project[TIP] is started by Joel Esler, JJ Cummings & ShirkDog. The following are the details from the official TIP site:
What is this TIP stuff all about?
The Threat Intelligence Project (TIP) was created to collect information from snort sensors around the globe.Goals
The goal is to provide useful threat metrics from this data, that include some subjective input (False Positives as submitted by sensor operators).Example Metrics:
- IP reputation
- Global Rule hit-count
- Rule accuracy
- Packet data (payload)
- Many more to come, please feel free to make suggestion/requests!
Currently we are developing the client / server components that will collect the data and submit it in a secure fashion. The initial release will have allow the participant to obfuscate ip information (source or dest), payload information (your pakets), none, or both!
More information on TIP is available here: http://rootedyour.com/tip
I will be releasing the Tao of Signature Writing – Part 5 next week after couple of reviews. If you would like to volunteer for us, email is at contact.fingers[at]gmail.com. Thank you for choosing our blog!
