Re: Reporting server and sensor compatibility

[Pratibha Rajan <pratibha.nair12 () outlook com>]

Thanks for the advice Al. But while the sensor is set to run 2.9.8, the central reporting server still runs 2.9.0.3 and 
is not scheduled for an upgrade/changes anytime soon. Will the reporting server still be able to download and 
distribute the latest VRT updates?

FYI - we still use Oinkmaster to manage the rules.

regards,
Pratibha

From: allewi () cisco com
To: pratibha.nair12 () outlook com; snort-users () lists sourceforge net
Subject: Re: [Snort-users] Reporting server and sensor compatibility
Date: Fri, 1 Jul 2016 10:52:59 +0000







Hello,



Your best bet is to test this offline with one sensor and go from there. You should be able to install 2.9.8 on the 
same sensor that’s running 2.9.0 (in a different directory). 













Albert Lewis

QA SNORT/Sourcefire

SOURCEfire, Inc. now
 part of Cisco

9780 Patuxent Woods Drive

Columbia, MD 21046

Email: allewi () cisco com 











From: Pratibha Rajan <pratibha.nair12 () outlook com>

Date: Friday, July 1, 2016 at 6:06 AM

To: 'snort-users' <snort-users () lists sourceforge net>

Subject: [Snort-users] Reporting server and sensor compatibility











Hi,




We run Snort as an IDS with one centralized reporting server that is used to push the VRT updates to multiple sensors 
sitting in promiscuous mode. All the servers including the reporting server and sensors run with very old versions of 
Snort - 2.9.0.3 on RHEL
 5.3. Needless to say the Rules also haven't been updated for a long time. 





Now if we were to upgrade some sensors to RHEL 7.2 with Snort 2.9.8.3, what issues will we be looking at w.r.t- VRT 
updates and conflict with the central reporting server (Snort - 2.9.0.3 on RHEL 5.3).




Will the Central reporting server still be able to download new rules(seeing that VRT updates have been EOL for 
2.9.0.3)?







Thanks much




Pratibha




------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!