[Snort-users] pulledpork 0.4.1 Release

JJ Cummings cummingsj at ...11827...
Tue Apr 27 10:14:58 EDT 2010


In conjunction with, and to support Snort 2.8.6 and the new rules tarball
format:

v0.4.1 (Stumbling Leprechaun)

New Features/changes:

    * Flowbit tracking! - This means that all flowbits are not enabled when
a specific base ruleset is specified (security etc...) but rather all
flowbits are now tracked, allowing for only those that are required to be
enabled.
    * Adjusted pulledpork.conf to account for new snort rules tarball naming
and packing scheme, post Snort 2.8.6 release.
    * Added option to specify all rule modification files in the master
pulledpork.conf file - feature request 19.
    * Added capability to specify base ruleset (see README.RULESETS) in
master pulledpork.conf file.
    * Handle preprocessor and sensitive-information rulesets

Bug Fixes:

    * 18 - non-rule lines containing the string sid:xxxx were being
populated into the rule data structure, added an extra check to ensure that
this does not occur
    * Cleaned up href pointers, syntatical purposes only...
    * Modified master config to allow for better readability on smaller
console based systems
    * Error output was not always returning full error, fixed this

BE SURE to read through the master pulledpork.conf file thoroughly, as there
are many changes as of snort 2.8.6.0 that WILL affect you, even if you are
NOT yet running 2.8.6.0!

Read more, or get it, at http://code.google.com/p/pulledpork/ and
http://global-security.blogspot.com/2010/04/pulledpork-041-i-see-your-sensitive.html

JJC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100427/26350457/attachment.html>


More information about the Snort-users mailing list