Re: [Emerging-Sigs] FATALs with snort-2.9.0.3

[Matthew Jonkman <jonkman () emergingthreatspro com>]

We did get advance notification that there would be more strict error checking, which as I mentioned we are all for!!

Now we know what things are being enforced with the release and can start fixing them up. This won't take long, no 
worries.

Matt

On Dec 21, 2010, at 11:42 AM, evilghost () packetmail net wrote:

> * PGP Signed by an unknown key
>
> On 12/21/10 10:30, Joel Esler wrote:
> Hi,
>
> > Yes, we greatly improved error checking on Snort 2.9.0.3:
> >
> > http://blog.snort.org/2010/12/snort-2903-is-coming-soon.html
> >
> > We are going to put a blog post up about it soon.
>
> Did you notify ET of these issues or just post them on the blog?  I don't recall
> seeing this one on the list so it may have been direct to the ET crew.
>
> Quoted below:
>
> "This is another issue found internally while troubleshooting for
> Emerging-Threats. VRT rules are not affected by this change.
>
> If rule writers have invalid combinations that existed in custom rules (depth
> with within, or distance with no relative content match, etc) Snort will now
> error on this. The Snort Manual has been updated to reflect these facts."
>
> I imagine you've already reached out to the ET crew and just didn't rely on the
> blog entry only to notify ET of these issues.  I likely missed the communication
> with ET so I'll bite my tongue with respect to what exactly "OpenSource
> community" is.
>
> > Joel
>
> -evilghost
>
> * Unknown Key
> * 0xEEEB1387(L)
>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs () emergingthreats net
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
> Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
> The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!


----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 765-807-8630
Fax 312-264-0205
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc




------------------------------------------------------------------------------
Forrester recently released a report on the Return on Investment (ROI) of
Google Apps. They found a 300% ROI, 38%-56% cost savings, and break-even
within 7 months.  Over 3 million businesses have gone Google with Google Apps:
an online email calendar, and document program that's accessible from your 
browser. Read the Forrester report: http://p.sf.net/sfu/googleapps-sfnew
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users