Snort mailing list archives
Re: inconsistency docu vs. snort.conf
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Wed, 25 Jan 2017 13:16:05 +0000
We can adjust the documentation, but the Snort.conf is updated to stay current with threats and counter measures. The docs sometimes don't keep up. -- Sent from my iPhone
On Jan 25, 2017, at 6:38 AM, Felix Erlacher <felix.erlacher () uibk ac at> wrote: Hi all, I think I just found an inconsistency between the official documentation and the example snort.conf file. In the current documentation for Snort 2.9.9 (dated November 14) available on the snort.org webpage it says on page 46 for the preprocessor stream5_tcp option "require_3whs" --> "the default is set to off" and for the session grace period of that option "The default is ”0”". But in the sample snort.conf file in the snort 2.9.9.0 tarball as well as the one on the webpage (https://www.snort.org/configurations) the require_3whs option is enabled and the grace period set to 180 seconds. The same holds for the "detect_anomalies" option, docu says default is off, in example snort.conf it is turned on. greetings -- Felix Erlacher ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- inconsistency docu vs. snort.conf Felix Erlacher (Jan 25)
- Re: inconsistency docu vs. snort.conf Marcin Dulak (Jan 25)
- Re: inconsistency docu vs. snort.conf Joel Esler (jesler) (Jan 25)
- Re: inconsistency docu vs. snort.conf Marcin Dulak (Jan 25)