Re: [Snort-sigs] Flowbit dependancy issue

[Matt Jonkman <jonkman () bleedingthreats net>]

I sent that email about a month ago. 1/8/07. Not sure why it just
surfaced....

Thanks Matt

MAtt

Matthew Watchinski wrote:
> Unless something broke recently I had fixed packages hand rolled into
> the "registered" user release about a month ago.
>
> Matt Jonkman wrote:
> > Don't know how to whistle here... or I would. :)
> >
> > If fixes do show up, or maybe even just a 'what happened' so we can fix 
> > it ourselves, will this be on the 30 day delay? Or whatever the license 
> > is now?
> >
> > Matt
> >
> > Bamm Visscher wrote:
> > > *crickets*  ??
> > >
> > > On 1/4/07, Bamm Visscher <bamm.visscher () gmail com> wrote:
> > > > Can you define "shortly". The problem was reported out of band well
> > > > before Matt brought it up on list. Are there any work arounds?  Can I
> > > > just s/dce.isystemactivator.bind/dce.bind.ISystemActivator/g as it
> > > > looks like there was a major renaming of flowbits that may have caused
> > > > the issue. Do I need to do a work around or do the new rules
> > > > associated with dce.bind.ISystemActivator give me the same coverage?
> > > >
> > > > Bammkkkk
> > > >
> > > >
> > > > On 12/21/06, Matthew Watchinski <mwatchinski () sourcefire com> wrote:
> > > > > Clean ups for this warning will be out shortly.
> > > > >
> > > > > Cheers,
> > > > > -matt
> > > > >
> > > > > Matt Jonkman wrote:
> > > > > > Using the new version of oinkmaster that's doing more detailed 
> > > > flowbit
> > > > > > dependancy checking:
> > > > > >
> > > > > > WARNING: SID 3431 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3436 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3428 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3435 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3425 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3433 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3430 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3439 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3429 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3427 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3437 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3434 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3440 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3426 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3432 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > > WARNING: SID 3438 depends on flowbit "dce.isystemactivator.bind" 
> > > > which
> > > > > > is not set in any rule
> > > > > >
> > > > > > I can't find the sig that's supposed to set that. That kills some 
> > > > good
> > > > > > rules. Anyone know where it went?
> > > > > >
> > > > > > Matt
> > > > -------------------------------------------------------------------------
> > > > > Take Surveys. Earn Cash. Influence the Future of IT
> > > > > Join SourceForge.net's Techsay panel and you'll get the chance to 
> > > > share your
> > > > > opinions on IT & business topics through brief surveys - and earn cash
> > > > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> > > > > _______________________________________________
> > > > > Snort-sigs mailing list
> > > > > Snort-sigs () lists sourceforge net
> > > > > https://lists.sourceforge.net/lists/listinfo/snort-sigs
> > > > -- 
> > > > sguil - The Analyst Console for NSM
> > > > http://sguil.sf.net
>
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier.
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs

-- 
--------------------------------------------
Matthew Jonkman
Bleeding Edge Threats
765-429-0398
765-807-3060 fax
http://www.bleedingthreats.net
--------------------------------------------

PGP: http://www.bleedingthreats.com/mattjonkman.asc



-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users