[Snort-devel] Re: [Snort-users] SNMP plugin removed from Snort + stream4 patch for 1.9.1

Kevin J. Schmidt kschmidt at ...468...
Mon Apr 21 06:49:22 EDT 2003


I look forward to the "new" XML plugin. When will it be released?

I'd like to suggest some functionality additions to the plugin. Would it
be feasible to allow the configuration of persistent connections to
remote hosts? In other words, as part of the XML config in snort.conf,
allow a flag to be set which defines a persistent connection be
maintained to the remote host. I've DOSed a Snort box when using Snot
and outputing via the XML plugin to a remote host. I was going to add
this functionality myself, but if someone else is on it, then that's
cool.

Thanks,

On Sun, 2003-04-20 at 11:56, Roman Danyliw wrote:
> A complete rewrite of the XML plugin is currently being implemented; the
> database plugin follows for v2.0.  This will also include plugins for barnyard.
> 
> Roman
> 
> On 18 Apr 2003 11:23:04 -0400, "Kevin J. Schmidt" <kschmidt at ...468...> wrote :
> 
> > Thanks, Marty. What about the XML plugin? Will that be in the contrib
> > section, too?
> > 
> > Thanks,
> > 
> > On Thu, 2003-04-17 at 22:58, Martin Roesch wrote:
> > > We will put the plugin up on snort.org in the contrib section in the near
> > > future.  
> > > 
> > > I'm going to do a patch for 1.9.1 to address the overflow, but people should
> > > really move up to 2.0.0 as soon as possible, there are a lot of good reasons
> > > to do so.  (the snmp output plugin should be able to plugin to 2.0 if
> > > necessary...)
> > > 
> > >      -Marty
> > > 
> > > On 4/17/03 6:56 AM, "Martin Olsson" <elof at ...6680...> wrote:
> > > 
> > > > 
> > > > On 15 Apr 2003, Jose Vicente Nunez Z wrote:
> > > >> Does anyone know if this plugin will be included again?. We started
> > > >> using this plugin with Snort 1.8 (and we keep using it) with Snort 1.9
> > > >> (for us is very useful because we integrated Snort with an NMS that
> > > >> receives SNMP traps).
> > > > 
> > > > We use the snmp-output-plugin with a NMS too, so we hope the snmp-support
> > > > will be added again soon.
> > > > 
> > > > If this support is NOT to be added soon, it would be greatly appreciated
> > > > if the developers told us so ASAP.
> > > > 
> > > > 
> > > > Meanwhile it would be very nice if the developers could create a
> > > > 1.9.1-patch for the buffer overflow in the stream4-plugin, so we who use
> > > > snort with snmp can continue to use it without having to upgrade to v2.0.
> > > > 
> > > > Regards,
> > > > Martin
> > > > 
> > > > 
> > -- 
> > Kevin J. Schmidt <kschmidt at ...468...>
> > 
> > 
> > 
> > -------------------------------------------------------
> > This sf.net email is sponsored by:ThinkGeek
> > Welcome to geek heaven.
> > http://thinkgeek.com/sf
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/snort-devel
> > 
> > 
> > 
> > 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- 
Kevin J. Schmidt <kschmidt at ...468...>





More information about the Snort-users mailing list