Snort mailing list archives
Re: Typeset change logs
From: Y M <snort () outlook com>
Date: Fri, 7 Mar 2014 19:37:43 +0000
Rules are usually shipped with the balanced policy as the default (Joel, correct if I am wrong). This means that the rule is/was disabled in the default policy. If that rule is marked with security ips policy in its metadata and you use the security policy in your PulledPork, then yes it will get enabled. YM From: SnortFan () yahoo com Date: Fri, 7 Mar 2014 13:45:35 -0500 To: snort-users () lists sourceforge net Subject: [Snort-users] Typeset change logs Hi All, I had a question about the changelog notices. In the change log I notice a list of rules marked as disabled, yet when I pull them down using pulledpork they are enabled. By using an ips policy setting am I enabling them? For example: In the notice below 21289 is disabled in the changelog linked below but it's active when I do a pull of the VRT rules. http://www.snort.org/vrt/docs/ruleset_changelogs/2_9_5_0/changes-2013-07-30.html I'm using:Snort 2.9.6.0Pulledpork 7Ips_policy=securityEnablesid.conf has protocol-VoIP Thanks,Ed Sent from a mobile device. ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Typeset change logs SnortFan (Mar 07)
- Re: Typeset change logs Y M (Mar 07)
- Re: Typeset change logs Joel Esler (jesler) (Mar 07)
- Re: Typeset change logs Y M (Mar 07)