Re: Rule Migration Cheat Sheet?

["Crook, Parker" <Parker_Crook () reyrey com>]

> There are several new keywords (file_data, byte_extract, http_*)  We don't
> have a specific conversion cheat sheet, as the old rule options still work
> fine,  the new rule options just allow for clarification of functionality and
> a more specific and efficient rule writing process.
>
> That being said, I know a lot of you want to get your rules updated to Snort
> 2.9 format, I am just swamped, and I know I won't get to it until late
> January.  If anyone from the community wants to write a cheat sheet document,
> we'll review it, I'll put it on the blog, snort.org, and I'll give you a free
> VRT rule subscription for a year.
>
> Takers?

I've had 2.9 setup in the lab for a while and haven't made the push in production yet for this very reason.  I suppose 
I can take the plunge and start working on it and I will document my findings.  I'll get started on this but I'm not 
sure how long it will take.

-Parker

------------------------------------------------------------------------------
Forrester recently released a report on the Return on Investment (ROI) of
Google Apps. They found a 300% ROI, 38%-56% cost savings, and break-even
within 7 months.  Over 3 million businesses have gone Google with Google Apps:
an online email calendar, and document program that's accessible from your 
browser. Read the Forrester report: http://p.sf.net/sfu/googleapps-sfnew
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs