[Snort-sigs] Re: snortrules-current not updated since 22 - July
mkettler at ...189...
Mon Aug 12 16:24:02 EDT 2002
At 09:17 PM 8/11/2002 -0400, Brian wrote:
>According to Jason Haar:
> > No - there is a problem.
> > If you dig down through the Web pages, you are told the rules are:
> > http://www.snort.org/dl/signatures/snortrules.tar.gz
> > However, this file is OLD - May 14th by the looks of it.
> > If you download:
> > http://www.snort.org/dl/snortrules.tar.gz
> > Then you get the new rules.
>the two files you listed are the same file. Symlinks are your friend.
Agreed, the files are definitely the same. I downloaded both URLs
(prepending sigs_ to the one from the signatures subdir) and they have
going to http://www.snort.org/dl/signatures/ lists the last modified date
as Mon Aug 12 18:40:24 2002 EDT for snortrules.tar.gz.
I tried wget -nDV and that indicates: Last-Modified: Mon, 12 Aug 2002
I'm not quite sure how Jason derived that
http://www.snort.org/dl/signatures/snortrules.tar.gz is modded in May.
Excessive browser caching of some sort? Or does he have access to the
website's filesystem and is being confused by ls (which will list the
symlink's mod time, not the target file's mod time)?
More information about the Snort-sigs