Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Confusion about SID 25282

From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Wed, 4 Dec 2013 13:40:36 +0000
That rule has always been disabled by default in the balanced policy. It, however, has always been in the security 
policy by default.  Regardless of version.

--
Joel Esler
AEGIS Intelligence Lead
OpenSource Manager
Vulnerability Research Team, Sourcefire

On Dec 4, 2013, at 6:07 AM, Lukas Matt <lukas.matt () sophos com<mailto:lukas.matt () sophos com>> wrote:

Hi guys,

customer asked for SID 25282 which is disabled in version 2.9.3.1 (see 
here<http://www.snort.org/vrt/docs/ruleset_changelogs/2_9_3_1/changes-2013-02-05.html>) but not disabled in our current 
version 2.9.5.

Why was the rule only skipped in the previous version?

Cheers,
Lukas


--
Lukas Matt
Deep Packet Inspection Researcher, RnD

tel: +49-721-25516-322, cell: +49-174-3440-555

Sophos Technology GmbH
Amalienbadstr. 41/Bau 52, 76227 Karlsruhe, Germany

SOPHOS Security made simple

---
Sophos Technology GmbH, Commercial Register: Mannheim HRB 712658
Headquarter Location: Amalienbadstr. 41/Bau 52 | 76227 Karlsruhe | Germany
Executive Board: Nicholas Bray, Pino von Kienlin, Richard Walford, Joachim Frost, Günter Junk

------------------------------------------------------------------------------
Sponsored by Intel(R) XDK
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!


------------------------------------------------------------------------------
Sponsored by Intel(R) XDK 
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: