[Snort-sigs] snort rules and -CURRENT for 2.1.3

Eric Jacobsen jacobsen at ...437...
Wed Jul 21 13:59:02 EDT 2004


Ok, no one answered me (or Krisa Rowland AFAIK) and things seems
to have gotten worse on the download page.  I'll reply to my own
message to try to solicit an official response.

The download page presently features:

snortrules-snapshot-CURRENT.tar.gz  for snort-CURRENT
snortrules-snapshot-2_2.tar.gz for Snort-2.2
snortrules-snapshot-2_1.tar.gz for Snort-2.1.x
snortrules-snapshot-2_0.tar.gz for Snort-2.0.x

However,

(1) If snort 2.1.3 rules aren't compatible with Snort 2.1.x
     where x<3, which rules are really in the 2.1 file?

(2) As others have noted, asn: rules (which appear to be
     a 2.2 only thing?) have started popping up in the 2.1
     tarball (sids 2382,2383,2578,2579 in particular).

(3) What, exactly, is snort-CURRENT now? 2.2.+ ??

The download page (and this list) could really use some
clarification.

A little help please!



Eric Jacobsen wrote:

> 
> I hate to bring up a sore subject, but a few weeks back we
> determined that:
> 
> snortrules-snapshot-CURRENT.tar.gz was for snort 2.1.3
> snortrules-snapshot-2_1.tar.gz was for snort 2.1.0 to 2.1.2
> snortrules-snapshot-2_0.tar.gz was for snort 2.0.x
> 
> If I want to set up a 2.1.3 system (now that it's official
> and not a candidate) should I be syncing from the -CURRENT
> or is that going to change to be [2.1.4 | 2.2.x] as soon as
> those betas and rcs start, and you'll spawn yet another
> snortrules-snapshot hierarchy for 2.1.3 people?
> 
> Thanks!
> 






More information about the Snort-sigs mailing list