[Snort-users] Snort & Pulled Pork questions

Heine Lysemose lysemose at ...11827...
Thu May 17 12:21:05 EDT 2012


Sounds great!

/Lysemose
On May 17, 2012 5:42 PM, "Joel Esler" <jesler at ...1935...> wrote:

> What we are going to start doing is releasing a version of the Shared
> Object rules for the new version so people can upgrade right away.  The
> text rules will always work.
>
> J
>
> On May 17, 2012, at 9:20 AM, "Weir, Jason" <jason.weir at ...14916...> wrote:
>
> Working on updating to the latest version of snort (2.9.2.3) and using
> pulledpork (0.6.1).****
> ** **
> For those of us that are not paying subscribers of the VRT rule set
> updating to the latest issue within the first 30 days causes issues..****
> ** **
> I updated from 2.9.2.2 to 2.9.2.3 yesterday, when pulled pork runs it
> detects the snort version and attempts to download the correct rule set,
> well for me there is no rule set and won’t be for 30 days..****
> ** **
> Now I can manually set the snort version to 2.9.2.2 in pulledpork.conf as
> long as 2.9.2.2 rules are compatible with 2.9.2.3 (which Joel indicated
> they are.  This time..).****
> ** **
> What happens when a change is made that make the older rules not
> compatible?****
> ** **
> Are my choices to (1) not upgrade to the latest snort version for 30 days,
> until “free” rules are available, or (2) purchase a rule subscription?****
> ** **
> Thanks,****
> Jason****
>
> _____________________________________________________________________________________________
>
> Please visit www.nhrs.org to subscribe to NHRS email announcements and updates.
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats.
> http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120517/4142353d/attachment.html>


More information about the Snort-users mailing list