I'm currently interning at a company using many of Cisco's IPS/IDS. One of my primary responsibilities is researching signatures used by the various devices to get a better understanding of what signatures should be activated.
I am have an extremely difficult time finding information about some (most) of the signatures. Not even the all-powerful Google seems to turn up much info.
I was wondering if anyone could suggest some documentation or other websites I can read to get a better understanding of each of the signatures. For most of the signatures, the little explanations provided by VMS are insufficient to make an educated decision (not to mention, many of them seem redundant and difficult to distinguish between).
Any and all help is greatly appreciated!
*Edit: I know there is the section under MySDN, however most of the signatures I am looking at don't appear to be in there for some reason.
I'm new to the whole IPS thing, so please forgive my ignorance!*