Snort mailing list archives
Re: Detecting w3af scans
From: waldo kitty <wkitty42 () windstream net>
Date: Wed, 30 Sep 2015 16:52:30 -0400
On 09/30/2015 11:45 AM, Bruno PEPPER wrote:
Hi, I am running snort (2.9.6.0 GRE (Build 47)) on ubuntu 14.04 in the IDS mode along with ET rules for 2.9
snort 2.9.6.2 is the oldest snort supported these days... there's also 2.9.7.3, 2.9.7.5 and the newly released 2.9.7.6 that are available... if you're pulling from a repo, it might be best to see if there's an up-to-date PPA available... if not, the recommendation is basically to get the code and build your own from the sources... that way you can stay up to date and keep up with the snort release policy which moves a lot faster than that available in most *nix release update repos... make sure you keep up with the https://www.snort.org/eol page to see which snorts are still supported and have rules being updated for them... the eol page doesn't even show 2.9.7.6 on it, at the time of this message posting, and the rules for registered users for 2.9.7.6 are not yet available... 2.9.7.3 support goes away on 2015 Oct 20 according to the EOL page... when a snort goes EOL, there's no more rules updates for them and the last set of rules is removed... i /think/ the last set may be available for 30 days if you are a registered user... i'm not sure about paying subscribers' access to old rules, though... -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Detecting w3af scans Bruno PEPPER (Sep 30)
- Re: Detecting w3af scans Al Lewis (allewi) (Sep 30)
- Re: Detecting w3af scans Bruno Pepper (Sep 30)
- Re: Detecting w3af scans James Lay (Sep 30)
- Re: Detecting w3af scans Bruno Pepper (Sep 30)
- Re: Detecting w3af scans waldo kitty (Sep 30)
- Re: Detecting w3af scans Al Lewis (allewi) (Sep 30)