Snort mailing list archives
Re: Snort Users Yahoo Group
From: Jeff Nathan <jeff () snort org>
Date: Sun, 22 Jun 2003 13:08:33 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ISS's work was based on a paper written by Dave Meltzer. Meltzer, being the individual who discovered the Linux binaries in the wild has already said the binaries he found do not match the behavior of the traffic he's seen. In other words, they're A source, not THE source. - -Jeff - --On Saturday, June 21, 2003 09:33:15 -0700 "Roy S. Rapoport" <snort-users () ols inorganic org> wrote:
On Fri, Jun 20, 2003 at 08:52:50PM -0700, Jeff Nathan wrote:the list is slow. Primary reasons? The components most users want to get running are poorly documented and instead asking the authors of these systems for more complete documentation, sending a message to the support list for said component (Snortcenter, etc) or searching the mailing list archives of this list, people post directly to snort-users. Sourceforge is also a bit slow but for a free service it's rather remarkable. In any case, the bulk of the traffic on this list is newbie traffic asking how to get ACID and/or snortcenter running. There are only a few reasonable solutions to the problem. Ask the developers of theseJeff is right about all these points. My perception is that traffic about in-depth management of Snort comprises of only about ~5-10% of overall traffic. I don't think it's fair to say everything else is "How do I get ACID/SnortCenter working?" -- I think a fair amount of it is "How do I get Snort logging to MySQL?" -- but the problem is still that really, snort-users should be a rather low-volume list, and we need snort-newusers (or snort-setup) and then -- *MAYBE* -- snort-3rdparty-setup (though for God's sake, with a better name than that). However, if we do go ahead and do this, I'd argue there's a need to have all three lists reside in the same place and advertised through snort.org. I think the vast majority of people who land on this mailing list find it because they've downloaded snort from Snort.org and seen Snort's link to this mailing list. It's foolish to wait until someone posts to say "hey, you should go to this other mailing list." As for the 3rd-party tools, I have to admit I didn't even notice ACID had its own user mailing list hosted on sourceforge. Of course, of the 13 messages posted in June, it appears approximately 11 are spam, so it's obviously not being vigorously managed. I do think we should start responding to ACID questions with "That's not appropriate for this mailing list," though I'm not sure we have enough cantankerous assholes to maintain that as a consistent tone. I do very strongly support the idea of a mailing list for each widely-adopted tool. I'm not sure what's going to happen in the case of SnortCenter. I'm guessing Lars doesn't have a whole bunch of energy/desire to deal with the support side of it (and in the case of SC, I think there's a danger anyway because it is so dependent on the efforts of one person). -roy ------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
- -- http://cerberus.sourcefire.com/~jeff (pgp key available) "Great spirits have always encountered violent opposition from mediocre minds." - - Albert Einstein -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (OpenBSD) iD8DBQE+9gzGEqr8+Gkj0/0RAmpFAJ9gwUJcL704mat9xlXWh7tfbC9HkgCcDoad bYwtmiT8KtA5vHWGvs/z77s= =TcX8 -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Snort Users Yahoo Group, (continued)
- Re: Snort Users Yahoo Group Chris Mann (Jun 19)
- Re: Snort Users Yahoo Group Michael Anderson (Jun 19)
- Re: Snort Users Yahoo Group Brian (Jun 19)
- Re: Snort Users Yahoo Group Rodney Green (Jun 19)
- Re: Snort Users Yahoo Group Brian (Jun 19)
- Re: Snort Users Yahoo Group payothlh (Jun 19)
- Re: Snort Users Yahoo Group Matt Kettler (Jun 19)
- Re: Snort Users Yahoo Group Roy S. Rapoport (Jun 19)
- Re: Snort Users Yahoo Group Jeff Nathan (Jun 20)
- Re: Snort Users Yahoo Group Roy S. Rapoport (Jun 21)
- Re: Snort Users Yahoo Group Jeff Nathan (Jun 22)
- Re: Snort Users Yahoo Group Jeff Nathan (Jun 22)
- Re: Snort Users Yahoo Group Rodney Green (Jun 19)
- Re: Snort Users Yahoo Group Bennett Todd (Jun 19)