Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Snort-Users] help me about snortsp 3.0.b3

From: Joel Esler <joel.esler () me com>
Date: Wed, 12 Oct 2011 10:49:31 -0400
Well --  

Let me clarify a few things since there's obviously confusion.

SnortSP is a platform in order to run detection engines (Snort being one) inside of.  The current beta that is 
available is pretty old.  However, it's development is not dead.  We just have nothing to release at this time.

2.9.1.1 is the current Snort version available for download at http://www.snort.org.  I encourage it's use.  In other 
news we should be releasing a beta of the next version of Snort with some pretty revolutionary features soon.

Razorback, a VRT development effort, is not an IDS as Kevin seems to be confused about below.  Snort, as an IDS can 
feed Razorback.  Snort is but one part of Razorback, as is ClamAV.  Razorback is a very elegant and revolutionary way 
to tie many tools together in a coherent and easy-to-understand fashion.    I was complimenting one of the developers 
of Razorback yesterday, in that I was taking a look at some of the current builds of it and was blown away.  I was 
thinking back to the days when I was an analyst poking away at my customer's networks trying to figure out what was 
going on, and Razorback is the first product I've seen in the 13-14 years I've been in security, that really makes a 
difference.  It's a framework, many pieces can feed it, and I think we've only begun to scratch the surface of what it 
can do.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire

On Oct 12, 2011, at 10:39 AM, Kevin Ross wrote:


Forget it. Snort 2.9.1 newer. Snort 3 is dead (well in that form); I think VRT are going down the razorback route. 
That file came out 2009 timeframe where snort 2.9.1 was released in the last few weeks. You could also give Suricata 
a go.

On 12 October 2011 15:28, samira samani <heidarim1363 () gmail com> wrote:
i am a new in this IDS and i install snort 2.9 and work with easily
BUT when
install snortsp 3.0.b3 i don't know how to load VRT rules to snort 3
for matching with attacks.
please help me about how to work with snort 3



------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: