subject:"\[sniffer\] Re\: All about GBUdb"

[sniffer] Re: All about GBUdb

2007-10-08 Thread John T (lists)

OK, a couple of questions.

If an IP is found to be BAD, the website states a non-zero code will be
returned. Well, I know that those of us using Declude and using listed
return codes other than non-zero will have a problem with this. Can this be
set to a specific return code that we can then use with Declude?

Same question on the UGLY, can it be set to return a specific return code so
that we can use that with Declude?

John T


> -Original Message-
> From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of
> Pete McNeil
> Sent: Saturday, October 06, 2007 6:06 PM
> To: Message Sniffer Community
> Subject: [sniffer] All about GBUdb
> 
> Hello Sniffer Folks,
> 
> At your convenience please review the following:
> 
>
http://kb.armresearch.com/index.php?title=Message_Sniffer.TechnicalDetails.G
BUdb
> 
> This page describes one of the key features of the new SNF engine
> (currently in wide beta testing). GBUdb is an IP reputation system
> built on a collaborative learning engine. Each SNF node equipped with
> GBUdb learns the behavior of the message sources it encounters and
> shares that information with other SNF/GBUdb nodes in the cloud.
> 
> This learning and sharing process happens in near real-time
> (zero-minute) and allows the new SNF engine to improve both filtering
> accuracy and system efficiency (with a little help from it's friends).
> 
> Let us know if you have any questions or comments.
> 
> Thanks!
> 
> _M
> 
> --
> Pete McNeil
> Chief Scientist,
> Arm Research Labs, LLC.
> 
> 
> #
> 
> This message is sent to you because you are subscribed to
>   the mailing list .
> To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
> Send administrative queries to  <[EMAIL PROTECTED]>




#
This message is sent to you because you are subscribed to
  the mailing list .
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to  <[EMAIL PROTECTED]>

[sniffer] Re: All about GBUdb

2007-10-09 Thread Pete McNeil

Hello John,

Yes. The standard result codes for ugly IPs depend upon the range they
fall in (based on their statistics):

Ugly in Caution = 40

Ugly in Black = 63

Ugly in Truncate = 20

Note that the black range is identical to hard coded IP rules found in
the SNF rulebase. IP rules are no longer being created. The GBUdb will
now take over that function since it is more dynamic.

Hope this helps,

_M

Tuesday, October 9, 2007, 2:15:36 AM, you wrote:

> OK, a couple of questions.

> If an IP is found to be BAD, the website states a non-zero code will be
> returned. Well, I know that those of us using Declude and using listed
> return codes other than non-zero will have a problem with this. Can this be
> set to a specific return code that we can then use with Declude?

> Same question on the UGLY, can it be set to return a specific return code so
> that we can use that with Declude?

> John T


>> -Original Message-
>> From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
> Of
>> Pete McNeil
>> Sent: Saturday, October 06, 2007 6:06 PM
>> To: Message Sniffer Community
>> Subject: [sniffer] All about GBUdb
>> 
>> Hello Sniffer Folks,
>> 
>> At your convenience please review the following:
>> 
>>
> http://kb.armresearch.com/index.php?title=Message_Sniffer.TechnicalDetails.G
> BUdb
>> 
>> This page describes one of the key features of the new SNF engine
>> (currently in wide beta testing). GBUdb is an IP reputation system
>> built on a collaborative learning engine. Each SNF node equipped with
>> GBUdb learns the behavior of the message sources it encounters and
>> shares that information with other SNF/GBUdb nodes in the cloud.
>> 
>> This learning and sharing process happens in near real-time
>> (zero-minute) and allows the new SNF engine to improve both filtering
>> accuracy and system efficiency (with a little help from it's friends).
>> 
>> Let us know if you have any questions or comments.
>> 
>> Thanks!
>> 
>> _M
>> 
>> --
>> Pete McNeil
>> Chief Scientist,
>> Arm Research Labs, LLC.
>> 
>> 
>> #
>> 
>> This message is sent to you because you are subscribed to
>>   the mailing list .
>> To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
>> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
>> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
>> Send administrative queries to  <[EMAIL PROTECTED]>




> #
> This message is sent to you because you are subscribed to
>   the mailing list .
> To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
> Send administrative queries to  <[EMAIL PROTECTED]>



-- 
Pete McNeil
Chief Scientist,
Arm Research Labs, LLC.


#
This message is sent to you because you are subscribed to
  the mailing list .
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to  <[EMAIL PROTECTED]>

[sniffer] Re: All about GBUdb

[sniffer] Re: All about GBUdb

2 matches

Site Navigation

Mail list logo

Footer information