Snort mailing list archives
Re: snort 2.9.2 disable alerts for so_rules (p2p)
From: Joel Esler <jesler () sourcefire com>
Date: Sat, 4 Feb 2012 21:15:47 -0500
On Sat, Feb 04, 2012 at 07:58:10PM -0500, waldo kitty wrote:
On 2/3/2012 22:29, Joel Esler wrote:http://blog.snort.org/2012/01/importance-of-pulledpork.htmli haven't read it yet and i understand what you are saying BUT there are environments where it is NOT feasible or capable to run pulledpork... /THAT'S/ what i and others are pointing out and trying to clarify... sadly, it is starting to look like snort is /not/ going to be able to be used in environments like ours and that's NotAGoodThing<tm> :(
Not necessarily true. While we recommend you use PulledPork, after some more thought and discussion inside the VRT we've realized this may not be the only way that people can feasibly deploy our rulesets. So we are looking at a way to "level the playing field", as it were, with regard to the needs for PulledPork. As of right this second, we recommend you use it, and we always will for rule management. But your cry of help has been heard to standarize the ruleset into a way that is accessible and useable by all. -- Joel ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: snort 2.9.2 disable alerts for so_rules (p2p), (continued)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) waldo kitty (Feb 02)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Jørgen Bøhnsdalen (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Lawrence R. Hughes, Sr. (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Joel Esler (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Lawrence R. Hughes, Sr. (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Joel Esler (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) waldo kitty (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Joel Esler (Feb 03)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) JJ Cummings (Feb 04)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) waldo kitty (Feb 04)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) Joel Esler (Feb 04)
- Re: snort 2.9.2 disable alerts for so_rules (p2p) waldo kitty (Feb 03)