Snort mailing list archives
Re: Typeset change logs
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Fri, 7 Mar 2014 22:23:53 +0000
YM, you are correct. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Vulnerability Research Team On Mar 7, 2014, at 2:37 PM, Y M <snort () outlook com<mailto:snort () outlook com>> wrote: Rules are usually shipped with the balanced policy as the default (Joel, correct if I am wrong). This means that the rule is/was disabled in the default policy. If that rule is marked with security ips policy in its metadata and you use the security policy in your PulledPork, then yes it will get enabled. YM ________________________________ From: SnortFan () yahoo com<mailto:SnortFan () yahoo com> Date: Fri, 7 Mar 2014 13:45:35 -0500 To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: [Snort-users] Typeset change logs Hi All, I had a question about the changelog notices. In the change log I notice a list of rules marked as disabled, yet when I pull them down using pulledpork they are enabled. By using an ips policy setting am I enabling them? For example: In the notice below 21289 is disabled in the changelog linked below but it's active when I do a pull of the VRT rules. http://www.snort.org/vrt/docs/ruleset_changelogs/2_9_5_0/changes-2013-07-30.html I'm using: Snort 2.9.6.0 Pulledpork 7 Ips_policy=security Enablesid.conf has protocol-VoIP Thanks, Ed Sent from a mobile device. ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Typeset change logs SnortFan (Mar 07)
- Re: Typeset change logs Y M (Mar 07)
- Re: Typeset change logs Joel Esler (jesler) (Mar 07)
- Re: Typeset change logs Y M (Mar 07)