[Snort-sigs] Signature release process
lon_back at ...2535...
Mon Jun 7 07:50:13 EDT 2004
--- Brian <bmc at ...95...> wrote: > On Mon, Jun 07,
2004 at 12:34:10AM +0100, Lon wrote:
> > Is there a document that describes how signatures
> > treated by snort.org, specifically between
> > versions of snort?
> No, there isn't.
> The SNORT_2_0 branch is for all versions of 2.0
> The SNORT_2_1 branch is for all versions of 2.1
> The CURRENT branch is for the latest and greatest
> snapshot of snort.
What I meant was how is it decided what signatures end
up in each version? Is there any attempt to keep the
versions in sync?
It looks if you want to catch the latest, then you
have no choice but to run CURRENT?
> > I noticed that there are no LSASS signatures in
> the 2.0 release?
> > However, they are in the sid-msg.map. Why?
> Because sid-msg.map is shared across all versions of
> snort. The LSASS
> rules only available in CURRENT.
Yahoo! Messenger - Communicate instantly..."Ping"
your friends today! Download Messenger Now
More information about the Snort-sigs