Snort mailing list archives
pulledpork v0.4.2 is outed, get it while it's hawt!
From: JJC <cummingsj () gmail com>
Date: Tue, 29 Jun 2010 14:59:34 -0600
v0.4.2 - http://code.google.com/p/pulledpork New Features / changes: - Capability to modify rules by category (See README.CATEGORIES) - Capability to modify rules using regular expressions (pcre:) - See sid modification configs - Capability to use regular expressions in specific rule modifications - See sid modification configs - Changed the | delimiter for cve,bugtraq etc to : - Added README.CATEGORIES - Added README.SHAREDOBJECTS - Follow flowbit chains - Moved README files to doc - Automatically determine arch - Automatically determine Snort Version - Added some verbiage surrounding HUP vs Restart vs When/where/who and how - Added support for new snort.org download scheme of http://snort.org/reg-rules... Bug Fixes: - Certain rules specific GID values were not being properly parsed by the modifysid sub. - Bug #20 </p/pulledpork/issues/detail?id=20> fixed, ranges are no longer off by +1 additional rule being enabled - Enhancement request #21, added more descript information to dropsid.conf and to README - Fixed flaw that caused certain flowbits to not be set (when GID boundaries were crossed and multiple keys were checked) - Enhancement request #22 updated the master config file to contain all of the currently available precompiled SO rules - Remove risky system calls, use handles instead
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- pulledpork v0.4.2 is outed, get it while it's hawt! JJC (Jun 29)