[Snort-users] ANNOUNCE: New project site for Snort IDMEF plugin

Sandro Poppi spoppi at ...158...
Tue Sep 2 05:41:23 EDT 2003


Hi snorters,

As stated in a previous posting I took over maintenance of snort's IDMEF 
plugin originally developed by the folks of Silicon Defense 
(http://www.silicondefense.com).

I wish to express my thankfullness for the work they've done and the 
support they gave me from the beginning, namely Joe McAlerney and Stuart 
Stanford.

The new project page can be found at 
http://sourceforge.net/projects/snort-idmef.

I just created a new release which solves some issues with the previous 
version:

Release 1.2 alpha
- fixed some bugs resulting in segfaults
- added correct references when building IDMEF: ID's where missing
- added snort'S sid since this is a reference too ;)
- resolved tcp output issues: Connecting to a tcp listener now works as 
expected (as far as I've tested yet ;)
- created for snort 2.0.1

This release still only generates IDMEF messages for portscan, SPADE and 
rule alerts. Generators like preprocessor bo are not yet supported, but 
work is going on.

For  questions regarding this plugin please use the mailinglists 
provided at the project website.

I hope you'll find it usefull and I appreciate your comments!

Thank you!

Happy snort'ing,
Sandro
-- 
"Linux is like a wigwam: no windows, no gates ... apache inside!"

http://www.lug-burghausen.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3162 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030902/d49d2f90/attachment.bin>


More information about the Snort-users mailing list