Snort mailing list archives

Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?

From: Jeff Kell <jeff-kell () utc edu>
Date: Mon, 21 Mar 2011 15:54:32 -0400

On 3/21/2011 3:46 PM, Jason Wallace wrote:

No, it makes it easier to combine them, in my opinion, because then we
could pick and chose between the ET distributed GPL rules and the VRT
distributed rules. That is not possible today, because they use the
same SID and most rule management tools are SID driven so you can't
enable/disable a SID without SID duplication. The no-gpl model
requires a user to either use VRT+ET-no-gpl, just the VRT, or just the
ET set. We can't chose to use one gpl rule from the VRT and another
gpl rule from ET, because the two can't exist at the same time.


Well, in the old oinkmaster days + snort.conf, you just include the
rules you wanted.

With pulledpork and the "big blob" rules, the SID independence is a
bigger factor.

Jeff

------------------------------------------------------------------------------
Enable your software for Intel&reg; Active Management Technology to meet the
growing manageability and security demands of your customers. Businesses
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody?, (continued)
- - - Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody? Joel Esler (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody? Nigel Houghton (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Martin Roesch (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 21)
    - Message not available
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Wallace (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody? Weir, Jason (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Wallace (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody? Weir, Jason (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jeff Kell (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 22)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Wallace (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? waldo kitty (Mar 21)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? NA (Mar 22)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Mike Lococo (Mar 23)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 22)
    - Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 21)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Philip Neukom (Mar 21)