Snort mailing list archives
Re: SnortSam Discussion was: RulePack update and End of Life of 2.8.6.0
From: Matthew Jonkman <jonkman () emergingthreatspro com>
Date: Fri, 28 Jan 2011 16:04:33 -0500
Something I've got on our agenda for the OISF brainstorming meeting at RSA in a couple weeks is whether we should go after a snortsam interface for suricata, or build a unified2 output plugin for snortsam which would keep it much more easily compatible with both engines. I prefer the unified plugin, but that leaves direct DB users in the cold, so perhaps we'll need a solution there. Long term solution is suri to have ip reputation in place, which is a major priority for this next round of development.

Matt

On Jan 28, 2011, at 3:22 PM, Castle, Shane wrote:
> The SnortSam changes for the newer versions of Snort are trivial -- or at least they were for 2.9.0, which is what I tested. I didn't even bother to save them when I tested. I got rid of the VM I tested on tho since I wasn't able actually to migrate to the new version real soon. Anyone with a smattering of C/diff/makefile skills will have no problem.
>
> --
> Shane Castle
> Data Security Mgr, Boulder County IT
> CISSP GSEC GCIH
>
> -----Original Message-----
> From: Frank Knobbe [mailto:frank () knobbe us]
> Sent: Friday, January 28, 2011 12:59
> To: Michael Scheidell
> Cc: Snort Users
> Subject: Re: [Snort-users] SnortSam Discussion was: RulePack update and End of Life of 2.8.6.0
>
> On Fri, 2011-01-28 at 09:48 -0500, Michael Scheidell wrote:
>> On 1/28/11 9:27 AM, Joel Esler wrote:
>>> snort-inline, I believe, is dead. Will?
>>
>> so, if snortsam is dead, and snort-inline is dead, what is the solution?
>
> Snortsam isn't dead. It's EOD (End of Development, at least for my part. I don't even use it anymore), but I wouldn't consider it EOL (End of Life). It still works and seems to work well for a lot of folks.
>
> Can't help with patching Snort though. If anyone has patches for Snort 2.9.x, please let me know and I'll put them on the Snortsam website.
>
> Cheers,
> Frank
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 765-807-8630
Fax 312-264-0205
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------
PGP: http://www.jonkmans.com/mattjonkman.asc