Snort mailing list archives
Re: Persistent problems with rule updates for Registerd Users
From: Joel Esler <jesler () sourcefire com>
Date: Fri, 4 Jan 2013 10:32:51 -0500
On Jan 4, 2013, at 12:40 AM, Michael Steele <michaels () winsnort com> wrote:
Also, when Snort 2.9.4.0 was released there was a new rule set added to the Subscribers group matching the new Snort release, but not to the Registered Users group.
What file was added? I don't remember adding anything specifically to that version. I could be wrong here?
Shouldn’t that same file be added to the Registered Users group, removing the Subscribers set of rules, and replacing those with the most current rules that the Registered Users are entitled to. Seems that downloading Snort 2.9.4.0 should be accompanied by the matching 2.9.4.0 rule set, no matter what group you’re in, and this way both groups are assured to get all the current configurations for the new release, it would also be less confusing for new users trying to figure out which rule set they need.
We stopped distributing the ruleset with the Snort tarball years ago. Maybe there's some things we can do here in the future to help get you running out of the box. But we can't help maintain whatever distribution for WinIDS that you are doing for your customers. We provide the engine and the ruleset for free, we don't charge you a fee for repackaging it and selling it to your customers (if you do sell it), so whatever maintenance you have to do for your end users is on you in that case. I am more than willing to hear any new ideas regarding the situation. But let's be constructive and not destructive. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and much more. Get web development skills now with LearnDevNow - 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122812
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Persistent problems with rule updates for Registerd Users, (continued)
- Re: Persistent problems with rule updates for Registerd Users Michael Steele (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Joel Esler (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Michael Steele (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Jeff Kell (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Michael Steele (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Joel Esler (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Joel Esler (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Jeff Kell (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Joel Esler (Jan 04)
- Re: Persistent problems with rule updates for Registerd Users Michael Steele (Jan 03)
- Re: Persistent problems with rule updates for Registerd Users Joel Esler (Jan 04)