Snort mailing list archives
Re: What's the difference between the shipped snort.conf's?
From: Jun Wan <junwei_wan () hotmail com>
Date: Thu, 29 Jul 2010 01:32:12 +0000
Hi Jimmy, I am going to do the same thing as you did---making the transition from 2.8.5.3 to 2.8.6.1. What's the best way to do this transition? How did you make the transition? Thanks Regards John
From: jimmy.cr4ckc0rn () gmail com Date: Wed, 28 Jul 2010 09:01:51 -0600 To: snort-users () lists sourceforge net Subject: [Snort-users] What's the difference between the shipped snort.conf's? I'm finally making the transition from 2.8.5.3 to 2.8.6.1 and am re-vamping my snort.conf but I'm seeing some differences between the snort.conf that ships with 2.8.6.1 and what shipped with the latest VRT release (on the 22nd). I'd used the one included in the ruleset but it doesn't pass a simple test (compiled with --enable-decoder-preprocessor-rules --enable-targetbased --disable-corefile --enable-zip --enable-sourcefire --enable-ipv6): ... Stream5 UDP Policy config: Timeout: 180 seconds ERROR: snort.conf(192) => Invalid keyword 'compress_depth' for 'global' configuration. Fatal Error, Quitting.. The snort.conf that is included with 2.8.6.1 doesn't have compress_depth so I'm just wondering what's the difference between the two config files and which is the best to use as a template? Cheers ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_________________________________________________________________ Need a new place to live? Find it on Domain.com.au http://clk.atdmt.com/NMN/go/157631292/direct/01/
------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- What's the difference between the shipped snort.conf's? Jimmy Crackcorn (Jul 28)
- Re: What's the difference between the shipped snort.conf's? Joel Esler (Jul 28)
- Re: What's the difference between the shipped snort.conf's? Jimmy Crackcorn (Jul 28)
- Re: What's the difference between the shipped snort.conf's? Joel Esler (Jul 28)
- Re: What's the difference between the shipped snort.conf's? Jimmy Crackcorn (Jul 28)
- Re: What's the difference between the shipped snort.conf's? Jun Wan (Jul 28)
- Re: What s the difference between the shipped snort.conf's? waldo kitty (Jul 28)
- Re: What s the difference between the shipped snort.conf's? Jun Wan (Jul 28)
- Re: What s the difference between the shipped snort.conf's? Joel Esler (Jul 29)
- Re: What s the difference between the shipped snort.conf's? Jun Wan (Jul 29)
- correct rule url/IDSPM? John Hally (Jul 30)
- Re: correct rule url/IDSPM? John Hally (Jul 30)
- Re: What s the difference between the shipped snort.conf's? waldo kitty (Jul 28)
- Re: What's the difference between the shipped snort.conf's? Joel Esler (Jul 28)