Re: Status of Snort and the Rules - Stalled???

[Francesco <friscom () tin it>]

Recently.
ISS sent out this message to some of their customers and partners

(..)
I did some recent checking into our Network IDS competition and how they
went about protecting their customers from the new Microsoft vulnerability
(http://xforce.iss.net/xforce/alerts/id/147).  X-Force shipped XPUs for this
vulnerability and the big Cisco DoS already (7/18 and 7/19).  Here is how
everyone else stacks up:

 Symantec Manhunt               No protection
 Cisco IDS                      No protection
 Netscreen                      No protection
 Intruvert/NAI                  No protection
 Snort                          No protection

(..)
The promotional purpose is clear but the content is not far from what 
everyone here would like to say first.

Now, the question everyone can ask is: what is the status with such 
rule/exploit?
Some of us are better than others to release  and support new rules. I had 
a look at the RPC rules, its status is : v. 1.46, released June 2003.

I'd like to contribute in an active manner, but maybe my resources are 
scarce on this side.
Nonetheless, some sort of priority could really be necessary in cases like 
this.

Comments?
Francesco




-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users