<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>From: Hanson.Webster@...3973...<br><div>CC: snort-sigs@lists.sourceforge.net<br>Date: Mon, 20 Oct 2014 17:33:03 +0000<br>Subject: Re: [Snort-sigs] SNORT version lifecycle<br><br>



<style><!--
.ExternalClass p.ecxMsoNormal, .ExternalClass li.ecxMsoNormal, .ExternalClass div.ecxMsoNormal {
font-size:12.0pt;
font-family:"Times New Roman","serif";
}

.ExternalClass a:link, .ExternalClass span.ecxMsoHyperlink {
color:blue;
text-decoration:underline;
}

.ExternalClass span.ecxMsoHyperlinkFollowed {
color:purple;
text-decoration:underline;
}

.ExternalClass span.ecxapple-converted-space {
}

.ExternalClass span.ecxEmailStyle18 {
font-family:"Calibri","sans-serif";
color:#1F497D;
}

.ExternalClass .ecxMsoChpDefault {
font-size:10.0pt;
}

.ExternalClass div.ecxWordSection1 {
}

--></style>


<div class="ecxWordSection1">
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;">OK I downloaded Snort 2.9.6.2 and daq 2.0.2 and installed them .  I can get pulled pork to update the rules now, however I can’t get Snort to start.  This is
 the error I get:</span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;"> </span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;">Finished Loading all dynamic preprocessor libs from /usr/local/lib/snort_dynamicpreprocessor/</span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;">ERROR: The dynamic detection library "/usr/local/lib/snort_dynamicrules/web-activex.so" version 1.0 compiled with dynamic engine library version 2.0 isn't compatible
 with the current dynamic engine library "/usr/local/lib/snort_dynamicengine/libsf_engine.so" version 2.1.</span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;">Fatal Error, Quitting..</span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;"> </span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;">What do I need to update?</span></p>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;"> </span></p><p class="ecxMsoNormal">You need to update the shared object rules (.so) files residing in 
/usr/local/lib/snort_dynamicrules/. The error basically says that you 
are using an older version of the shared objects and that these need to 
be updated to the compiled version 2.1 that goes along with your Snort 
version.<br><br>You can either delete the existing older ones and copy 
the new ones manually from the rules tarball 
(so_rules/precompiled/<distro>/<archi>/2.9.6.2/), or 
configure PulledPork to update them automatically for you.<br><br>YM<br><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;"></span></p><p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;"><br></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in;">
<p class="ecxMsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";"> Joel Esler (jesler) [mailto:jesler@...3865...]
<br>
<b>Sent:</b> Monday, October 20, 2014 9:46 AM<br>
<b>To:</b> Webster, Hanson<br>
<b>Cc:</b> snort-sigs@lists.sourceforge.net<br>
<b>Subject:</b> Re: [Snort-sigs] SNORT version lifecycle</span></p>
</div>
</div>
<p class="ecxMsoNormal"> </p>
<p class="ecxMsoNormal">EOL has nothing to do with “time” per say.  </p>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal">As is listed on the EOL page (<a href="http://www.snort.org/eol" target="_blank">www.snort.org/eol</a>), we support the latest patch version of the current major version and the latest patched version of the prior major version (So 2.9.6.2, 2.9.5.6)  (The
 third number being the major version).  When we introduce a new version (2.9.6.2), we support the last minor revision for 90 days, then it is EOL.  </p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal">So, for instance, The next version with be 2.9.7.0, at which time, we will set 2.9.5.6 (two major versions down) to 90 day EOL.  We will support 2.9.6.2 until the next major version (2.9.8.0 or whatever we are calling it) is released.</p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal">Does that help?</p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-family:"Lucida Grande","serif";">--</span><br>
<b><span style="font-family:"Lucida Grande","serif";">Joel Esler</span></b><br>
<span style="font-family:"Lucida Grande","serif";">Open Source Manager</span><br>
<span style="font-family:"Lucida Grande","serif";">Threat Intelligence Team Lead</span><br>
<span style="font-family:"Lucida Grande","serif";">Talos</span></p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
</div>
<div>
<p class="ecxMsoNormal"> </p>
<div>
<blockquote style="">
<div>
<p class="ecxMsoNormal">On Oct 20, 2014, at 9:30 AM, <a href="mailto:Hanson.Webster@...3973...">
Hanson.Webster@...3973...</a> wrote:</p>
</div>
<p class="ecxMsoNormal"> </p>
<div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";">Looking at the EOL table it appears that SNORT versions go end of life after 6 months. 2.9.6 was valid from 1/2014 until 7/2014 and 2.9.61 was valid from 4/2014 until 10/2014. 
 Should I assume that 2.9.6.2 will go EOL in February of 2015?</span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"> </span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";">What is the procedure for updating SNORT?  Is it required to update it twice a year? </span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"> </span></p>
</div>
<table class="ecxMsoNormalTable" style="width:1016.25pt;background:#F2F2F2;border-collapse:collapse;background-position:initial initial;" width="1355" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="width:50.0%;border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top" width="50%">
<p class="ecxMsoNormal" style=""><b><span style="font-family:"Helvetica","sans-serif";color:#333333;">Snort Version</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style=""><b><span style="font-family:"Helvetica","sans-serif";color:#333333;">Released</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style=""><b><span style="font-family:"Helvetica","sans-serif";color:#333333;">EOL</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
</tr>
<tr>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">Snort 2.9.5.6</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">2013-11-18</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">TBD**</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
</tr>
<tr>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">Snort 2.9.6.0</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">2014-01-23</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">2014-07-23</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
</tr>
<tr>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">Snort 2.9.6.1</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">2014-04-24</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">2014-10-15</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
</tr>
<tr>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">Snort 2.9.6.2</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">2014-07-17</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
<td style="border:none;border-top:solid #DDDDDD 1.0pt;padding:3.75pt 3.75pt 3.75pt 3.75pt;" valign="top">
<p class="ecxMsoNormal" style="text-align:justify;"><span style="font-family:"Helvetica","sans-serif";color:#333333;">TBD**</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</td>
</tr>
</tbody>
</table>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"> </span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"> </span></p>
</div>
<div class="ecxMsoNormal" style="text-align:center;" align="center"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:gray;">
<hr size="2" width="100%" align="center">
</span></div>
<div>
<p class="ecxMsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#4F81BD;">Hanson M. Webster</span></b><span class="ecxapple-converted-space"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:gray;"> </span></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:gray;">|
 Network and Security Analyst | Salem Five Bank | 210 Essex Street, Salem MA 01970 | Tel: 978.720. 5230 | Fax: 978.498.0230 |<span class="ecxapple-converted-space"> </span><a href="http://www.salemfive.com/" target="_blank"><span style="color:gray;">www.salemfive.com</span></a></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:gray;"> </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:9.0pt;font-family:"Calibri","sans-serif";color:gray;">This information may be confidential and/or privileged.  Use of this information by anyone other than the intended recipient is prohibited.  If you receive this
 message in error, please inform the sender and remove any record of this message.</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"></span></p>
</div>
<div>
<p class="ecxMsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";"> </span></p>
</div>
<p class="ecxMsoNormal"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";">------------------------------------------------------------------------------<br>
Comprehensive Server Monitoring with Site24x7.<br>
Monitor 10 servers for $9/Month.<br>
Get alerted through email, SMS, voice calls or mobile push notifications.<br>
Take corrective actions from your mobile device.<br>
</span><a href="http://p.sf.net/sfu/Zoho_______________________________________________" target="_blank"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";color:purple;">http://p.sf.net/sfu/Zoho_______________________________________________</span></a><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";"><br>
Snort-sigs mailing list<br>
</span><a href="mailto:Snort-sigs@lists.sourceforge.net"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";color:purple;">Snort-sigs@lists.sourceforge.net</span></a><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";"><br>
</span><a href="https://lists.sourceforge.net/lists/listinfo/snort-sigs" target="_blank"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";color:purple;">https://lists.sourceforge.net/lists/listinfo/snort-sigs</span></a><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";"><br>
</span><a href="http://www.snort.org/" target="_blank"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";color:purple;">http://www.snort.org</span></a><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";"><br>
<br>
<br>
Please visit<span class="ecxapple-converted-space"> </span></span><a href="http://blog.snort.org/" target="_blank"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";color:purple;">http://blog.snort.org</span></a><span class="ecxapple-converted-space"><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";"> </span></span><span style="font-size:9.0pt;font-family:"Menlo-Regular","serif";">for
 the latest news about Snort!</span></p>
</div>
</blockquote>
</div>
<p class="ecxMsoNormal"> </p>
</div>
</div>


<br>------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho<br>_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!</div>                                           </div></body>
</html>