Re: Change sid number with pulledpork

["Joel Esler (jesler)" <jesler () cisco com>]

> On Oct 21, 2014, at 11:21 AM, waldo kitty <wkitty42 () windstream net> wrote:
>
> On 10/21/2014 7:02 AM, C. L. Martinez wrote:
> >  Is it possible to change sid number inside of several rules files? I
> > have downloaded rules from third party sites and in some cases, sids
> > numbers are the same.
>
> which numbers or range of numbers are you seeing duplicated? we are aware of at 
> least one 3rd party that does duplicate some numbers but they also offer a rule 
> pack without the duplicates... they do this because some folks do not run the 
> VRT rules so there's no dupes to worry about... you should check with your 3rd 
> party rules providers and ask if they have a set of rules that are "de-duped"...

There should be no duplicate numbers anymore.  I believe this error was corrected.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Talos

Attachment: smime.p7s
Description:

------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!