Snort mailing list archives
Re: Snort.conf 2.9.4
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 5 Dec 2012 09:02:35 -0500
On Dec 4, 2012, at 8:58 PM, Amm Snort <ammdispose-snort () yahoo com> wrote:
From: Michael Steele <michaels () winsnort com> To: snort-users () lists sourceforge net Sent: Wednesday, 5 December 2012 4:06 AM Subject: Re: [Snort-users] Snort.conf 2.9.4 Also, matching the snort.conf from the 2.9.4 tarball and the snort.conf from the above 2.9.4 link, shows a multitude of differences. Is Sourcefire actually distributing the source and executables with updated configuration files, makes me wonder… Michael... http://labs.snort.org/snort/2940/snort.conf I also have similar question. Is the snort.conf in the above link VRT specific snort.conf or those using ET can use it too.
People using other rulesets can use our snort.conf, but yes, it is specifically tailored to the VRT ruleset. It has our recommended settings and configuration that is tested across many platforms.
Mostly differences are addition of new ports in directives.
Yes, but that's not all there will be.
Also why is version mentioned as 2.9.4.0 in snort.conf? but snort download page and tarball it is versioned as 2.9.4? I think it should be in fixed format of 4 decimal places.
That's a good point. I'll see what I can do. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort.conf 2.9.4 Michael Steele (Dec 04)
- Re: Snort.conf 2.9.4 Nigel Houghton (Dec 04)
- Re: Snort.conf 2.9.4 Joel Esler (Dec 04)
- Re: Snort.conf 2.9.4 Weir, Jason (Dec 05)
- Re: Snort.conf 2.9.4 Joel Esler (Dec 05)
- Re: Snort.conf 2.9.4 Joel Esler (Dec 04)
- Re: Snort.conf 2.9.4 Nigel Houghton (Dec 04)
- Re: Snort.conf 2.9.4 Michael Steele (Dec 04)
- Re: Snort.conf 2.9.4 Joel Esler (Dec 04)
- Re: Snort.conf 2.9.4 Amish Mehta (Dec 06)
- Re: Snort.conf 2.9.4 Amm Snort (Dec 04)
- Re: Snort.conf 2.9.4 Joel Esler (Dec 05)