[Snort-users] Whats the correct way to migrate from v2.8.5.x to v2.8.6.x?

Joel Esler jesler at ...1935...
Tue Apr 27 19:41:23 EDT 2010


Good to go then.

On Tuesday, April 27, 2010, Chan, Wilson <wchan at ...14702...> wrote:
> Thanks! Now I get it! Doh! :)
>
> Wilson
>
> ----- Original Message -----
> From: Joel Esler <jesler at ...1935...>
> To: Chan, Wilson
> Cc: snort-users at lists.sourceforge.net <Snort-users at lists.sourceforge.net>
> Sent: Tue Apr 27 13:37:50 2010
> Subject: Re: [Snort-users] Whats the correct way to migrate from v2.8.5.x to v2.8.6.x?
>
> I said that the registered rules release window does not open for
> another 30 days (29 now).
>
> J
>
> On Tuesday, April 27, 2010, Chan, Wilson <wchan at ...14702...> wrote:
>> For the new oinkmaster updates (Free Feed) which tar.gz file do you use?
>>
>> snortrules-snapshot-CURRENT.tar.gz
>> snortrules-snapshot-2860.tar.gz
>> snortrules-snapshot-2860_s.tar.gz
>>
>> I was reading http://www.dshield.org/diary.html?storyid=8692 article by Joel Esler and it mentions to use snapshot-2860 without the "_s".  However, when I go to http://www.snort.org/snort-rules I see snortrules-snapshot-2860_s.tar.gz only for the subscription release. So, my assumption is "_s" means subscription release but there isn't any links under the registered-user release (30 day old) for the new file format. Any ideas? Thanks!
>>
>>
>>
>>
>> Wilson Chan
>>
>>
>> -----Original Message-----
>> From: Joel Esler [mailto:jesler at ...1935...]
>> Sent: Tuesday, April 27, 2010 1:02 PM
>> To: Chan, Wilson
>> Subject: Re: [Snort-users] Whats the correct way to migrate from v2.8.5.x to v2.8.6.x?
>>
>> Where do you see 2.8.6.1?
>>
>> On Tuesday, April 27, 2010, Chan, Wilson <wchan at ...14702...> wrote:
>>> Upgrade seems to be going. However, my oinkmaster configuration needs to
>>> change from reading the docs. Do I reference
>>> snortrules-snapshot-2861.tar.gz or 2860.tar.gz?  It seems the latest
>>> version of snort is v2.8.6.1.
>>>
>>> ==oinkmaster.conf==
>>> ##Old
>>> ##url =
>>> http://www.snort.org/pub-bin/oinkmaster.cgi/oink_key/snortrules-snapshot
>>> -2.8.tar.gz
>>>
>>> ## Snort 2.8.6.1
>>> url =
>>> http://www.snort.org/pub-bin/oinkmaster.cgi/oink_key/snortrules-snapshot
>>> -2861.tar.gz
>>>
>>>
>>> Wilson Chan
>>>
>>> -----Original Message-----
>>> From: Joel Esler [mailto:jesler at ...1935...]
>>> Sent: Tuesday, April 27, 2010 12:12 PM
>>> To: Chan, Wilson
>>> Cc: snort-users at lists.sourceforge.net
>>> Subject: Re: [Snort-users] Whats the correct way to migrate from
>>> v2.8.5.x to v2.8.6.x?
>>>
>>> That's what I did.  I used the snort.conf from the 2.8.6 rulepack and
>>> migrated my settings over.
>>>
>>> J
>>>
>>> On Tuesday, April 27, 2010, Chan, Wilson <wchan at ...14702...> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Do you take the v2.8.6 snort.conf and manually port all the
>>>> setting over from v2.8.5.x?
>>>>
>>>> What is the correct procedure for updating from source?
>>>> Thanks!
>>>>
>>>>
>>>>
>>>> Wilson
>>>> Chan
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>> --
>>> Joel Esler
>>>
>>>
>>
>> --
>> Joel Esler
>>
>>
>
> --
> Joel Esler
>
>

-- 
Joel Esler




More information about the Snort-users mailing list