[Snort-users] Snort Rules Update BROKE
cunningpike at ...11827...
Mon Apr 12 15:52:17 EDT 2010
On Mon, Apr 12, 2010 at 10:37 AM, Joel Esler <joel.esler at ...14399...> wrote:
> Detection_filter is a keyword for 2.8.5.
> If you are using the up to date Snort rules, you need to use the up to
> date version of Snort.
> Joel Esler
> Sent from my iPhone
> On Apr 12, 2010, at 12:03 PM, Billy Marshall
> <Billy.Marshall at ...9988...> wrote:
>> Hi all,
>> How long will the snort rule updates for 188.8.131.52 going to be broke?
>> I noticed it mentioned march 16th
>> ERROR: Warning: /etc/snort/rules/dns.rules(59) => Unknown keyword '
>> detection_filter' in rule!
>> I understand there are many more.
In the meantime, you could try this oinkmaster config:
modifysid * "detection_filter:" | "threshold:type both,"
More information about the Snort-users