Re: Snort & Pulled Pork questions

[Heine Lysemose <lysemose () gmail com>]

Sounds great!

/Lysemose
On May 17, 2012 5:42 PM, "Joel Esler" <jesler () sourcefire com> wrote:

> What we are going to start doing is releasing a version of the Shared
> Object rules for the new version so people can upgrade right away.  The
> text rules will always work.
>
> J
>
> On May 17, 2012, at 9:20 AM, "Weir, Jason" <jason.weir () nhrs org> wrote:
>
> Working on updating to the latest version of snort (2.9.2.3) and using
> pulledpork (0.6.1).****
> ** **
> For those of us that are not paying subscribers of the VRT rule set
> updating to the latest issue within the first 30 days causes issues..****
> ** **
> I updated from 2.9.2.2 to 2.9.2.3 yesterday, when pulled pork runs it
> detects the snort version and attempts to download the correct rule set,
> well for me there is no rule set and won’t be for 30 days..****
> ** **
> Now I can manually set the snort version to 2.9.2.2 in pulledpork.conf as
> long as 2.9.2.2 rules are compatible with 2.9.2.3 (which Joel indicated
> they are.  This time..).****
> ** **
> What happens when a change is made that make the older rules not
> compatible?****
> ** **
> Are my choices to (1) not upgrade to the latest snort version for 30 days,
> until “free” rules are available, or (2) purchase a rule subscription?****
> ** **
> Thanks,****
> Jason****
>
> _____________________________________________________________________________________________
>
> Please visit www.nhrs.org to subscribe to NHRS email announcements and updates.
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats.
> http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!