Snort mailing list archives

Re: snort 1.7 vs snort 1.8p1 less info.. why?

From: "Jim Forster" <jforster () rapidnet com>
Date: Wed, 25 Jul 2001 16:58:05 -0600

This is correct.  The 1.7 distro was many of the rules that use to be hosted
on Snort.org.  As of 1.8 - this has shifted to a default 'distro' ruleset
which has been cleaned up.
I'm considering making the other available on my personal website like it
was in the past, for those that used those rulesets.  (now that we have a
modular load in the snort.conf file, naming them as coming from outside
Snort distro should be easy to do.)
Thanks!

Jim Forster
Network Administrator
RapidNet, A Golden West Company
--------------------------------------------------------
http://www.snort.org


----- Original Message -----
From: "David Gullett" <dgullett () circuitsmaximus com>
To: <snort-users () lists sourceforge net>
Sent: Wednesday, July 25, 2001 4:18 PM
Subject: RE: [Snort-users] snort 1.7 vs snort 1.8p1 less info.. why?

I believe this is due to changes in the rulesets.  When I upgraded to 1.8
from 1.7, a bunch of SYN scans were no longer recorded.  I had to recreate
similiar rules in my local.rules file.

David Gullett
Circuits Maximus, LLC.

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of Dr SuSE
Sent: Wednesday, July 25, 2001 4:45 PM
To: ml () db nexgen com; snort-users () lists sourceforge net
Subject: Re: [Snort-users] snort 1.7 vs snort 1.8p1 less info.. why?


Can you give us some more info on what info you were seeing and what info
you
are no longer seeing?  Without this info we can not help you obtain your
info
and figure out why the info contains less info than the previous info that
your
informing us of.

Thanks for the info

when i was using snort 1.7

i used to get alot of info even when i start pinging host or when host
pinged me

i installed 1.8p1 and i dont get any of this info..

any ideas why?



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



Score my PGP key @
http://www.drsuse.org/pks

---------------------------------------------
Microsoft ist nicht installiert.
http://www.drsuse.org/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort 1.7 vs snort 1.8p1 less info.. why? alexus (Jul 25)
- MySQL DB creation error Jason Lewis (Jul 25)
  - RE: MySQL DB creation error Jason Lewis (Jul 25)
- Re: snort 1.7 vs snort 1.8p1 less info.. why? Brian Caswell (Jul 26)
  - Re: snort 1.7 vs snort 1.8p1 less info.. why? alexus (Jul 26)
    - Re: snort 1.7 vs snort 1.8p1 less info.. why? Patrick Hawley (Jul 26)
    - Re: snort 1.7 vs snort 1.8p1 less info.. why? alexus (Jul 26)
- <Possible follow-ups>
- Re: snort 1.7 vs snort 1.8p1 less info.. why? Dr SuSE (Jul 25)
  - RE: snort 1.7 vs snort 1.8p1 less info.. why? David Gullett (Jul 25)
    - Re: snort 1.7 vs snort 1.8p1 less info.. why? Jim Forster (Jul 25)
  - Re: snort 1.7 vs snort 1.8p1 less info.. why? alexus (Jul 26)