[Snort-sigs] Signature release process

Lon lon_back at ...2535...
Mon Jun 7 07:50:13 EDT 2004


 --- Brian <bmc at ...95...> wrote: > On Mon, Jun 07,
2004 at 12:34:10AM +0100, Lon wrote:
> > Is there a document that describes how signatures
> are
> > treated by snort.org, specifically between
> different
> > versions of snort?
> 
> No, there isn't. 
> 
> The SNORT_2_0 branch is for all versions of 2.0
> 
> The SNORT_2_1 branch is for all versions of 2.1
> 
> The CURRENT branch is for the latest and greatest
> snapshot of snort.
> 

What I meant was how is it decided what signatures end
up in each version? Is there any attempt to keep the
versions in sync?

It looks if you want to catch the latest, then you
have no choice but to run CURRENT?

Thanks,
A




> > I noticed that there are no LSASS signatures in
> the 2.0 release?
> > However, they are in the sid-msg.map.  Why?
> 
> Because sid-msg.map is shared across all versions of
> snort.  The LSASS
> rules only available in CURRENT.  
> 
> Brian 


	
	
		
____________________________________________________________
Yahoo! Messenger - Communicate instantly..."Ping" 
your friends today! Download Messenger Now 
http://uk.messenger.yahoo.com/download/index.html




More information about the Snort-sigs mailing list