Good link to sig definitions needed.

randyclark
Level 1

Does anyone know a good link to sig definitions for the Cisco IPS that does what each one does?

Accepted Solutions

jlimbo
Level 1

The MYSDN site has the signatures and their associated descriptions. Please refer to the link below:

http://tools.cisco.com/MySDN/Intelligence/home.x

I hope that helps.

Jonathan

6 Replies

I wonder if these descriptions are the same as the ones that come with IDM sig updates (.zip)

tk

No, they are not always in sync. See sig id 3030.

wsulym
Cisco Employee

The signature descriptions & benign triggers section are the same.

I just checked 3030 as was mentioned and I see the same description and benign triggers on MySDN, IEV, and in the NSDB.tar file packaged with the MC updates. Where are you seeing a difference?

At one time I believe they were not. The description for 3030 was updated on MySDN. It was probably eventually also updated with an update to IEV or IDS MC... I just hadn't updated yet. It looks like there is different information in both (neither seems to be a mere subset of the other). Which makes me wonder, is there some process by which one is derived from the other so that they stay in sync?

There are 2 distinct sources, signature descriptions and vulnerability records. The NSDB is built from each at each release. What you see on MySDN is a more interactive version of the NSDB plus more vulnerability information. But in either case, the source of the information is the same and so should be in sync. However, it's possible that there are a few signatures out of sync - could have happened in some moving around of databases in the not too distant past... that's probably what you remember regarding the 3030 sig information... Anyway, I'm trying to not get stuck on details here... in the end, there are two distinct sources we use and the NSDB is built fresh at each release, we can't really rebuild MySDN at each release. There really shouldn't be any discrepancies in data *since* MySDN was brought up, but it's possible that something happened just prior to that and we may have data out of sync.

If you see a discrepancy, by all means please bring it to our attention, and we'll fix it.

I hope I didn't just confuse the issue more with this post.
