[Snort-devel] accurate snort profiles
gianni at ...1804...
Fri Jan 31 10:42:17 EST 2003
On Fri, 2003-01-31 at 15:53, Daniel Roelker wrote:
> Snort 2.0 (cvs HEAD) has had significant changes made to the detection
> engine, and probably has no resemblance to the 1.9 profile. It would be
> interesting to see the differences between the two.
OK, will do that on my next set, I assume the snort 1.9.0 rules will
still work OK?
> Thanks a lot, and let us know what you find out.
No problems, I now have updated profiles up at the same URLS, check out
the following URL for information on the hardware, software, configs,
data sets, rulesets used:
I have left in kernel and library (glibc etc.) profiles because thats a
little more helpful.
I'll try and get snort2 profiled in my next run, I'll do a series of
data files and a series of rules next time. Perhaps even do some graphs
if im feeling frisky :)
// Gianni Tedesco (gianni at scaramanga dot co dot uk)
lynx --source www.scaramanga.co.uk/gianni-at-ecsc.asc | gpg --import
8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 189 bytes
Desc: This is a digitally signed message part
More information about the Snort-devel