[Snort-sigs] snortrules-snapshot-2_1.tar.gz not being updated?
sscholz at ...2481...
Wed May 12 08:51:04 EDT 2004
The LSASS signatures use the flowbits option, which is not available in 2.1.0,
but was introduced in 2.1.1. The snortrules-snapshot-2_1.tar.gz ruleset is
for the whole 2.1 series of Snort, including 2.1.0. Therefore they did not
include those rules in it.
> It seems that at least some new sigs are not making into
> snortrules-snapshot-2_1.tar.gz. Notably the LSASS sigs seem to be
> mentioned in the SID map but their actual rule entries are not in the
> rules files (netbios.rules). They are in the CURRENT tarball though.
> I'm just curious if this is an intentional omission or not...
Stephan Scholz <sscholz at ...2481...> | Development
Astaro AG | www.astaro.com | Phone +49-721-490069-0 | Fax -55
Awards for ASL:
- Nätverk & Kommunikation Magazine, Sweden: "Five Stars" - October 2003
- Linux Enterprise Readers' Choice Award: Best Firewall - October 2003
- LinuxWorld Product Excellence Award: Best Security Solution - August 2003
- "Excellent" Infoworld Magazine - August 2003
More information about the Snort-sigs