Re: [Emerging-Sigs] Downloading older versions of snort

[Joel Esler <jesler () sourcefire com>]

On Aug 9, 2012, at 12:11 PM, Mike Cox <mike.cox52 () gmail com> wrote:

> I have let this question sit out there for over two (2) years now:
>
> http://seclists.org/snort/2010/q1/104

I didn't see it, or I would have responded.  :)

But I did see that both Nigel and evilghost responded, and evilghost actually provided you a link to the software 
itself.  But let me answer your questions.

> Still, I see no clear way to get/download specific "older" versions of
> Snort.  I know this would be very useful to many people and I can't
> understand why Snort, an allegedly "Open Source" product, would do
> this.  Sure, I understand that there are major flaws in the current
> and latest releases of Snort but many manufactures (like my router/DPI
> solution) have frozen certain version and I would like to test against
> Snort (to see why performance/detection is so bad but this
> conversation is anecdotal).

We used to put them out, but we stopped keeping them on the site because people were downloading very old versions and 
then asking us to fix a problem they were experiencing, etc.  So the decision was made (prior to me becoming the 
community manager) to only keep the current version available for download on the site.  That way people stay current 
with the product, as you'd update any other piece of software, it's pretty important to keep the software that protects 
you up to date as well.

>  Is Snort/SourceFire afraid of
> their past "sins"?

Nope.  Or it wouldn't be an open source project.  It would go closed like a lot of other open source products have.  
But we aren't interested in doing that, and have no intension of closing Snort up.  Anyone can download and keep the 
old versions and diff the code.  Im fact, one version back (from current) is kept on sourceforge.net: 
http://sourceforge.net/projects/snort/files/snort/

See above for the reasons we remove the old stuff.


> Serious past flaws in Snort can be learned from
> and the evolution of such a prolific IDS can also be fodder for
> understanding, innovation, and improvement.

Good points.  I'll discuss this with the team and see what I can do.

> Sorry for the long winded response.  All I want is to be able to
> download older versions of Snort.  Please help me out (anyone), I have
> waited many years (literally).

Again.  Didn't see the original email.  In the future, if you don't receive a response in a week or so, I'd repost.  
Waiting two years for a response will get you no where.

What version do you want?  I'll see if I can get it for you.




------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!