Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: flowbits

From: "Douglas McCrea" <dmccrea () rutgers edu>
Date: Tue, 24 Feb 2004 14:17:43 -0500
I agree,

I don't think I understand the reasoning of introducing a rule for a feature that did not exist in the current stable 
release knowing that Snort would break. I use Oinkmaster and I had to find the rules that had flowbits enabled and 
disablesid them.

Snort Team: Why don't you create a new ruleset for RC1 until 2.1.1 is released? BTW, RC1 doesn't exist for Windows or 
I'd give that a shot too.

Doug

-----Original Message-----
From: Andreas Östling [mailto:andreaso () it su se] 
Sent: Tuesday, February 24, 2004 1:51 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Re: flowbits



On http://www.snort.org/dl/rules/ it still says you should use the 2_1 
rules for snort 2.1.*, which will obviously fail as the flowbit feature 
was introduced post 2.1.0 (as discussed in 
http://marc.theaimsgroup.com/?t=107661847900002&r=1&w=2)

Couldn't this be fixed somehow?

/Andreas


On Tue, 24 Feb 2004, adam wrote:


The flowbits keword was introduced in Snort 2.1.1.  There's a news 
post
about it on the snort.org homepage from Feb 4th.  You can either disable 
all of the rules with the flowbits keyword or upgrade snort.

-Adam Hogan



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id56&alloc_id438&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: