Snort mailing list archives
Re: [Snort-Users] help me about snortsp 3.0.b3
From: Joel Esler <joel.esler () me com>
Date: Wed, 12 Oct 2011 10:49:31 -0400
Well -- Let me clarify a few things since there's obviously confusion. SnortSP is a platform in order to run detection engines (Snort being one) inside of. The current beta that is available is pretty old. However, it's development is not dead. We just have nothing to release at this time. 2.9.1.1 is the current Snort version available for download at http://www.snort.org. I encourage it's use. In other news we should be releasing a beta of the next version of Snort with some pretty revolutionary features soon. Razorback, a VRT development effort, is not an IDS as Kevin seems to be confused about below. Snort, as an IDS can feed Razorback. Snort is but one part of Razorback, as is ClamAV. Razorback is a very elegant and revolutionary way to tie many tools together in a coherent and easy-to-understand fashion. I was complimenting one of the developers of Razorback yesterday, in that I was taking a look at some of the current builds of it and was blown away. I was thinking back to the days when I was an analyst poking away at my customer's networks trying to figure out what was going on, and Razorback is the first product I've seen in the 13-14 years I've been in security, that really makes a difference. It's a framework, many pieces can feed it, and I think we've only begun to scratch the surface of what it can do. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Oct 12, 2011, at 10:39 AM, Kevin Ross wrote:
Forget it. Snort 2.9.1 newer. Snort 3 is dead (well in that form); I think VRT are going down the razorback route. That file came out 2009 timeframe where snort 2.9.1 was released in the last few weeks. You could also give Suricata a go. On 12 October 2011 15:28, samira samani <heidarim1363 () gmail com> wrote: i am a new in this IDS and i install snort 2.9 and work with easily BUT when install snortsp 3.0.b3 i don't know how to load VRT rules to snort 3 for matching with attacks. please help me about how to work with snort 3
------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: [Snort-Users] help me about snortsp 3.0.b3 Kevin Ross (Oct 12)
- Re: [Snort-Users] help me about snortsp 3.0.b3 Joel Esler (Oct 12)