process to retiring signatures

Unanswered Question
Feb 24th, 2010

Hello.

Can I find reason for retiring signatures in signatures update ?

I mean information like this:

XXXX/0 - "IE buffer overflow" - retired due to time (vulnerability was published 5 years ago)

XXXY/0 - "Firefox buffer overflow" - retired due to many false positive (non-specific regular expression)

XXXZ/0 - "RPC ..." - retired due to performance reason (memory exhaustion)

When I download information about current signatures update, I can't see why signatures were retired.

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
PWCSinfosec Wed, 02/24/2010 - 11:03

I have actually been looking for this type of informtion, where are you even finding the info?

jan.odzgan Thu, 02/25/2010 - 02:06

Hi

It will be good if cisco technics will be add reason of retiring signatures to release notes and to signature desciption in security center (and intellishield too).

I don't found reason anywhere:

   - it is not in cisco ips release notes

   - it is not on intellishield site

   - it is not on security center

Regards

Actions

This Discussion