[Snort-users] Snort 2.9.1 Now Available

vincent at ...15035... vincent at ...15035...
Wed Aug 24 08:07:52 EDT 2011


Hi again,

Just FYI, I used the pristine .tar.gz archive since it appeared to be more 
recent than that inside the src.rpm. I rebuilt daq+snort for RHEL5 and 
RHEL6 and they're available here:

http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/SRPMS/daq-0.6.1-10.el5.src.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/SRPMS/snort-2.9.1-14.el5.src.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/daq-0.6.1-10.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/daq-debuginfo-0.6.1-10.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/snort-2.9.1-14.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/snort-debuginfo-2.9.1-14.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/snort-mysql-2.9.1-14.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/snort-postgresql-2.9.1-14.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/i386/snort-unixODBC-2.9.1-14.el5.i386.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/daq-0.6.1-10.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/daq-debuginfo-0.6.1-10.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/snort-2.9.1-14.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/snort-debuginfo-2.9.1-14.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/snort-mysql-2.9.1-14.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/snort-postgresql-2.9.1-14.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL5/x86_64/snort-unixODBC-2.9.1-14.el5.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/SRPMS/daq-0.6.1-10.el6.src.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/SRPMS/snort-2.9.1-14.el6.src.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/daq-0.6.1-10.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/daq-debuginfo-0.6.1-10.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/snort-2.9.1-14.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/snort-debuginfo-2.9.1-14.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/snort-mysql-2.9.1-14.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/snort-postgresql-2.9.1-14.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/i386/snort-unixODBC-2.9.1-14.el6.i686.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/daq-0.6.1-10.el6.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/daq-debuginfo-0.6.1-10.el6.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/snort-2.9.1-14.el6.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/snort-debuginfo-2.9.1-14.el6.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/snort-mysql-2.9.1-14.el6.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/snort-postgresql-2.9.1-14.el6.x86_64.rpm
http://vscojot.free.fr/dist/snort/snort-2.9.1/RHEL6/x86_64/snort-unixODBC-2.9.1-14.el6.x86_64.rpm

Minimal testing was performed on these so please let me know if these work 
for you (nor not!). :)

~]# snort -T -c /etc/snort/snort.conf 2>&1 |tail -22
   o"  )~   Version 2.9.1 IPv6 GRE (Build 71)
    ''''    By Martin Roesch & The Snort Team: 
http://www.snort.org/snort/snort-team
            Copyright (C) 1998-2011 Sourcefire, Inc., et al.
            Using libpcap version 1.1.1
            Using PCRE version: 6.6 06-Feb-2006
            Using ZLIB version: 1.2.3

            Rules Engine: SF_SNORT_DETECTION_ENGINE  Version 1.15  <Build 18>
            Preprocessor Object: SF_SDF (IPV6)  Version 1.1  <Build 1>
            Preprocessor Object: SF_DCERPC2 (IPV6)  Version 1.0  <Build 3>
            Preprocessor Object: SF_FTPTELNET (IPV6)  Version 1.2  <Build 13>
            Preprocessor Object: SF_POP (IPV6)  Version 1.0  <Build 1>
            Preprocessor Object: SF_REPUTATION (IPV6)  Version 1.1  <Build 1>
            Preprocessor Object: SF_SSLPP (IPV6)  Version 1.1  <Build 4>
            Preprocessor Object: SF_DNS (IPV6)  Version 1.1  <Build 4>
            Preprocessor Object: SF_SMTP (IPV6)  Version 1.1  <Build 9>
            Preprocessor Object: SF_IMAP (IPV6)  Version 1.0  <Build 1>
            Preprocessor Object: SF_SIP (IPV6)  Version 1.1  <Build 1>
            Preprocessor Object: SF_SSH (IPV6)  Version 1.1  <Build 3>

Snort successfully validated the configuration!
Snort exiting
~]#

Best regards,

Vincent

On Wed, 24 Aug 2011, vincent at ...15035... wrote:





More information about the Snort-users mailing list