Re: which VTR rules with 2.8.1 ?

[Joel Esler <joel.esler () sourcefire com>]

I recommend the use of stream5.

--
Joel Esler
Sent from my iPhone

On Apr 26, 2008, at 8:13 PM, Russell Fulton <r.fulton () auckland ac nz>  
wrote:

> Is CURRENT the right VTR ruleset to use with 2.8.1?
>
> I'm getting an error on sid:525 (bad traffic udp to port 0) where
> snort objects to 'flow:to_server' in the rule (and quite rightly).
> The rule seems to have change since 2.7 which did not have flow  
> option.
>
> Russell (who is very puzzled and must be missing something).
>
>
>
> --- 
> ----------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
> Don't miss this year's exciting event. There's still time to save  
> $100.
> Use priority code J8TL2D2.
> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users