[Snort-users] Rule MANager for Snort V 0.0.3a is out ....

Mark Vevers mark at ...5096...
Fri Mar 8 03:47:05 EST 2002


Hi all,

Released RMAN-0.0.3 Alpha last night.

I've added variable handling and auto update of variables
on multiple remote sensors to rman.  This allows a 'sensor grid'
wide default with per sensor variations and automatic update.
(Oh and fixed a few bugs as well).  

This is the first stage in  being able to handle per group
variations as well so that you can have one rule, and for a
particular group on a particular sensor the variable gets
substituted without having to write special rules so that future
updates to a rule apply to all variations .... but you'll have to
wait for 0.0.4 alpha for that.

(i.e. for an ISP - only scan all customer traffic for
Nimda / CodeRed but apply full ruleset to isp's servers)

Can those who have downloaded RMAN drop me a line to let me
know how it's going - it would be great to have some feedback!
(although this might not be the best time to ask for this as I am
about to become a daddy for the second time ;-) !!)

Mark

-- 
Mark Vevers.    mark at ...5096... / mvevers at ...5097...
Internet Backbone Engineering Team
Internet for Learning, Research Machines Plc 






More information about the Snort-users mailing list