Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?

[Matthew Jonkman <jonkman () emergingthreatspro com>]

The issue is though that VRT won't support versions back to snort 2.4, nor a version for suricata, which we do at ET. 
So we have the gpl rules here as well in the ET ruleset. 

If that could be worked out we could integrate, but I think SF has made it clear their stance on suricata, and on 
snorts more than 2 versions back.

Matt


On Mar 18, 2011, at 3:20 PM, Joel Esler wrote:

> That was a porn rule.  Which we've gotten rid of.
>
> Rules that are <1,000,000 in SID are officially maintained by the VRT (even the sids that were available before the 
> VRT license change -- commonly referred to as "gpl rules").  
>
> Emerging threats is encouraged to submit any changes to the ruleset to sids <1,000,000 back to the VRT for inclusion 
> into the VRT set.  However, the numbers should not be duplicated.
>
> J
>
> On Mar 18, 2011, at 3:04 PM, Weir, Jason wrote:
>
> > That is the raw packet data - as outputted by BASE anyways..
> >
> > That rule is in the ET set here
> >
> > http://rules.emergingthreats.net/open/snort-2.9.0/emerging-all.rules
> >
> > -J
> >
> > > -----Original Message-----
> > > From: waldo kitty [mailto:wkitty42 () windstream net] 
> > > Sent: Friday, March 18, 2011 2:53 PM
> > > To: Weir, Jason
> > > Cc: emerging-sigs () emergingthreats net
> > > Subject: Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?
> > >
> > >
> > > On 3/18/2011 13:56, Weir, Jason wrote:
> > > > After I spammed the snort sigs list on this - looks like it 
> > > came with
> > > > the ET rules..
> > > >
> > > > It's probably not maintained by anyone but I'm seeing what 
> > > could be a FP
> > > > on 1313
> > >
> > > sid:1313; does not exist in my setup with both VRT and ET 
> > > rules sets... not even 
> > > as a commented line...
> > >
> > > > Here's the data - no "up skirt" that I can see....
> > >
> > > is that the raw packet data?
> >
> >
> > _____________________________________________________________________________________________
> >
> > Please visit www.nhrs.org to subscribe to NHRS email announcements and updates.
> > _______________________________________________
> > Emerging-sigs mailing list
> > Emerging-sigs () emergingthreats net
> > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> >
> > Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
> > The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!
>
> --
> Joel Esler
> jesler () sourcefire.com
> http://blog.snort.org && http://blog.clamav.net
> Twitter: @snort
>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs () emergingthreats net
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
> Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
> The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!


----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 765-807-8630 x110
Fax 312-264-0205
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc




------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users