Thanks.
-Nick
Scott Fisher wrote:
I'd say I get least FPs on:
warez (50), av push (49), advertising (56), insurance (48), and
gambling (59)
Most FPs on general (60), experimental (61) and travel (47)
----- Original Message ----- From: "Pete McNeil"
<[EMAIL PROTECTED]>
To: "Nick Hayer" <sniffer@SortMonster.com>
Sent: Thursday, March 09, 2006 9:54 AM
Subject: Re[2]: [sniffer] F001 Rule Bot Change
On Thursday, March 9, 2006, 10:04:17 AM, Nick wrote:
NH> Hi Pete,
It's a bit too early to know about the reliability of F001.
NH> Understood - sorry I was not clear on this :)
NH> I was referring to all your tests eg: printers, snake oil, what
NH> have you. which one do you have the most confidence in maybe get
NH> the least false positive reports on?
I don't have hard data on that right now.
My impression is that we get the fewest FP reports on Porn/Adult and
also on Malware.
My impression is that we get the most on group 63 - I think mostly
because of IP rules from old bots.
I don't have any other strong impressions at this time.
I have it on the list to upgrade the FP processing bot - I will be
providing it with behaviors to keep running statistics on rule
locations at the time of report and other contextual data. This is not
a high priority task - so it will be a while.
Hope this helps,
_M
This E-Mail came from the Message Sniffer mailing list. For
information and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
This E-Mail came from the Message Sniffer mailing list. For
information and (un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
This E-Mail came from the Message Sniffer mailing list. For information and
(un)subscription instructions go to
http://www.sortmonster.com/MessageSniffer/Help/Help.html
