Re: SnortSam Discussion was: RulePack update and End of Life of 2.8.6.0

[Michael Scheidell <michael.scheidell () secnap com>]

so, to do IPS I have to move to Suricata 
<http://www.openinfosecfoundation.org>?


On 1/28/11 9:50 AM, Will Metcalf wrote:
> > snort-inline, I believe, is dead.  Will?
> I actually like to think of it as undead... A pig zombie roaming about
> the earth in search of brains consume.  But for all practical purposes
> yes, dead.  See notice..
>
> http://snort-inline.sourceforge.net/
>
> Regards,
>
> Will
>
> On Fri, Jan 28, 2011 at 8:27 AM, Joel Esler<jesler () sourcefire com>  wrote:
> > On Thu, Jan 27, 2011 at 4:11 PM, Michael Scheidell
> > <michael.scheidell () secnap com>  wrote:
> > > On 1/6/11 3:39 PM, Joel Esler wrote:
> > >
> > > Okay, so the feature set you are looking for is the ability to block using
> > > an external firewall, is that correct?
> > > You can't do the time based blocking from within Snort itself? (need to be
> > > inline)
> > >
> > > I also need snort sam patches for snort 2.9*.
> > Well, I can't help you there.
> >
> > > and you might want to check with wfreeman who will be maintaining snort
> > > for freebsd (I think)
> > Yes he will.  Maybe I'm too far out of this thread to realize why I need to
> > check with him though?
> >
> > > for freebsd, its critical:  not only for the distributed firewall issue as
> > > Matt said, but, since freebsd snort-inline port is stuck at 2.8.4, its the
> > > only game in town.
> > snort-inline, I believe, is dead.  Will?
> >
> > > (and as we know, there were those packet loss issues with 2.8.6.1 that you
> > > want us to upgrade to.. and, once you go past 2.9.1, we won't be able to get
> > > 2.8.6.1 VRT rules anymore)
> > 2.9.1 + 90 days.  You've got awhile.
> > ------------------------------------------------------------------------------
> > Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> > Finally, a world-class log management solution at an even better price-free!
> > Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> > February 28th, so secure your free ArcSight Logger TODAY!
> > http://p.sf.net/sfu/arcsight-sfd2d
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users

--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation

   * Certified SNORT Integrator
   * 2008-9 Hot Company Award Winner, World Executive Alliance
   * Five-Star Partner Program 2009, VARBusiness
   * Best in Email Security,2010: Network Products Guide
   * King of Spam Filters, SC Magazine 2008


______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________

------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users