[Snort-sigs] snort rules and -CURRENT for 2.1.3
jacobsen at ...437...
Wed Jul 21 13:59:02 EDT 2004
Ok, no one answered me (or Krisa Rowland AFAIK) and things seems
to have gotten worse on the download page. I'll reply to my own
message to try to solicit an official response.
The download page presently features:
snortrules-snapshot-CURRENT.tar.gz for snort-CURRENT
snortrules-snapshot-2_2.tar.gz for Snort-2.2
snortrules-snapshot-2_1.tar.gz for Snort-2.1.x
snortrules-snapshot-2_0.tar.gz for Snort-2.0.x
(1) If snort 2.1.3 rules aren't compatible with Snort 2.1.x
where x<3, which rules are really in the 2.1 file?
(2) As others have noted, asn: rules (which appear to be
a 2.2 only thing?) have started popping up in the 2.1
tarball (sids 2382,2383,2578,2579 in particular).
(3) What, exactly, is snort-CURRENT now? 2.2.+ ??
The download page (and this list) could really use some
A little help please!
Eric Jacobsen wrote:
> I hate to bring up a sore subject, but a few weeks back we
> determined that:
> snortrules-snapshot-CURRENT.tar.gz was for snort 2.1.3
> snortrules-snapshot-2_1.tar.gz was for snort 2.1.0 to 2.1.2
> snortrules-snapshot-2_0.tar.gz was for snort 2.0.x
> If I want to set up a 2.1.3 system (now that it's official
> and not a candidate) should I be syncing from the -CURRENT
> or is that going to change to be [2.1.4 | 2.2.x] as soon as
> those betas and rcs start, and you'll spawn yet another
> snortrules-snapshot hierarchy for 2.1.3 people?
More information about the Snort-sigs