[Snort-users] Barnyard2 - v2-1.10 is released
allowoverride at ...11827...
Wed Sep 26 12:26:58 EDT 2012
Hello Firnsy folks,
quick question: it's been interesting to see exactly how barnyard
interacts with snort, and curious why it was chosen over oinkmaster as
the preferred method. I have noticed that usually if a product is
incorporated with another, they would have a basic config file that
mirrors the file paths, rather than it be say manually configed inside
the conf, or in commandline options when run. So, I wonder if you could
pass this to the devs and ask if they can try to make it Easier to
install with the snort source attained from snort.org. I mean, they
state it's preferred now over oinkmaster, however, it is not a seamless
install. yes I understand linux/unix FS but for it to be much quicker
and easier to install with snort would be great! meaning, paths match
the same as the snort-18.104.22.168 for example version.
also, there is the same issue with pulledpork. paths are all over the
place. both snort, and PP, and yes Barnyard2-firnsy the paths can be
cumbersome to finagle for first or even 2nd time users.
just a heads up, it's not simple and takes days especially when trying
to auto script snort, PP, and BY to all work together.
pass this on to a friend, thanks, pete
On Tue, 2012-09-25 at 18:54 +1000, firnsy wrote:
> G'day all,
> It's my great pleasure to finally announce the next stable release of
> barnyard2 v2-1.10 build(310).
> After almost 20 months of development and continuous testing from the
> community we are happy to get this one out to the masses (without the
> beta tag).
> This development cycle has seen a lot of changes, refinements and
> fixes. This will be the last version built around the old database
> The next release of barnyard2 will come with new database output that
> only supports the new schema, native IPv6 support and FULL unified2
> support for all output plugins.
> I could go on about the changes, but the wait has been long enough.
> Here's a summary of the more notable changes:
> * Additions
> - spo_database. Support of encrypted connections to postgresql
> is now available. See README.database for the appropriate options.
> - spo_sguil. Fixed issue with duplication of alerts.
> - Completely re-written database plugin for performance
> optimisation against the original DB schema.
> NOTE: If you have intentions of running this new version we
> highly recommend you clean two database tables for better
> performance: reference and sig_reference (not doing so will not
> break anything but could slow the startup caching process).
> - New Bro output plugin (thanks to Seth Hall)
> - A new syslog plugin (syslog_full) that supports local and remote
> TCP and UDP syslog.
> * Improvements
> - Improved support against the latest Unified 2 format. Extended
> headers are read, however no plugins use the information currently.
> - Improved core IPv6 support.
> - Compile under cygwin
> - And many, many bugfixes.
> You can download the source in a number of ways:
> - https://github.com/firnsy/barnyard2/tags (as a zip/tarball)
> - git://github.com/firnsy/barnyard2.git (via a git clone)
> I would like to pay a special thanks to Eric Lauzon (the newest member
> of the core development team) and the many people who have helped along
> the road: Russell Fulton, Tim Shelton, JJ Cummings, Michael Steele,
> Brett Edgar, Bill Parker, Miguel Alvarez, Martin Holste, Jason Haar and
> any others who I may have missed.
> - firnsy
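The path drift between Snort, PulledPork and Barnyard2 described in the reply above can be checked mechanically before the three tools are scripted together. This is an added example, not code from the original posts or from any of the three projects; the sample configs and every path in them are constructed, the function names are hypothetical, and relative Snort includes are assumed to resolve against the directory holding snort.conf.

```python
import posixpath
import re

# Constructed sample configs; every path is an assumption for illustration.
SNORT_CONF_PATH = "/etc/snort/snort.conf"
SNORT_CONF = "include classification.config\ninclude reference.config\ninclude $RULE_PATH/local.rules\n"
BARNYARD2_CONF = """\
config reference_file:      /etc/snort/reference.config
config classification_file: /usr/local/etc/snort/classification.config
config sid_file:            /etc/snort/sid-msg.map   # constructed mismatch
"""
PULLEDPORK_CONF = "rule_path=/etc/snort/rules/snort.rules\nsid_msg=/usr/local/etc/snort/sid-msg.map\n"

def _lines(text):
    # Yield non-empty lines with '#' comments stripped.
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line

def snort_includes(conf_path, text):
    # basename -> absolute path for plain 'include' lines. Assumes relative
    # includes resolve against snort.conf's directory; $VARIABLE paths are skipped.
    base, found = posixpath.dirname(conf_path), {}
    for line in _lines(text):
        m = re.match(r"include\s+(\S+)$", line)
        if m and "$" not in m.group(1):
            path = posixpath.normpath(posixpath.join(base, m.group(1)))
            found[posixpath.basename(path)] = path
    return found

def barnyard2_files(text):
    # 'config sid_file: /path' -> {"sid_file": "/path"}
    pat = re.compile(r"config\s+(\w+_file)\s*:\s*(\S+)$")
    return {m.group(1): m.group(2) for m in map(pat.match, _lines(text)) if m}

def pulledpork_settings(text):
    # 'key=value' -> {"key": "value"}
    return dict(line.split("=", 1) for line in _lines(text) if "=" in line)

def path_mismatches(snort_path, snort, barnyard2, pulledpork):
    # Return (barnyard2 key, barnyard2 path, path the other tool uses) per conflict.
    inc = snort_includes(snort_path, snort)
    by, pp = barnyard2_files(barnyard2), pulledpork_settings(pulledpork)
    pairs = [("classification_file", inc.get("classification.config")),
             ("reference_file", inc.get("reference.config")),
             ("sid_file", pp.get("sid_msg"))]
    return [(k, by.get(k), other) for k, other in pairs if by.get(k) != other]
```

Calling `path_mismatches` on the constructed samples reports the classification and sid-msg.map conflicts; a Barnyard2 instance reading a different sid-msg.map from the one PulledPork writes is the kind of silent mismatch worth catching before alerts are trusted.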