Posted by Gnomad on Jul 08, 2018; 10:50am
URL: https://itus.accessinnov.com/Web-Filter-Malicious-versus-Spyware-rules-tp1546.html

The Ads and Malicious categories under Services > Web Filter > Basic Settings get handled completed differently to the remainder of the categories.  These first two have a bunch of different rules and download URLs, whereas the others are all unpacked from http://www.shallalist.de/Downloads/shallalist.tar.gz 

Presumably then, the Spyware rules from shallalist probably overlap a lot of the Malicious ones - has anyone done any sort of analysis to confirm?

I've had some problems with snort blocking all traffic once I enable Spyware blocking, so I'm wondering if I'm seeing duplicates or hitting some rule limits..