Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Logically truncated snortrules-snapshot tarball [was: Re: Snort Rule Downloading]

From: "Kristofer T. Karas" <ktk () enterprise bidmc harvard edu>
Date: Mon, 03 May 2004 13:18:37 -0400
Snortty wrote:


I just ran this oinkmaster.pl, it worked for me also!
thanks for who ever fixed this - the unknown hero!
Unfortunately the glowing news is premature. Yes, a new snortrules-snapshot-2_1.tar.gz was released for everybody using a production 2.1.x snort; and it does contain some updates and a sid-msg.map with 2378 unique SIDs. However, the *.rules files in the tarball only contain 2334 unique rules. In particular, all the new rules that detect Sasser (e.g. 2514) are missing!
Whoever it is who maintains the downloadable rules should take a look pronto. Those of us *not* using the CVS version of snort are out in the cold. 

Kris




-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click 
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: