Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Question about "registered" rules

From: Rajiv Pandey via Snort-sigs <snort-sigs () lists snort org>
Date: Wed, 22 Dec 2021 18:31:41 +0000 (UTC)
Please someone remove me from all these emails. 

Sent from Yahoo Mail on Android 
 
  On Thu, 23 Dec 2021 at 0:00, W. Michael Petullo<mike () flyn org> wrote:   I am trying to better understand two 
aspects of the "registered" 3.0
rules available at https://www.snort.org/downloads. I am presently
using Snort 3.1.18.0 on OpenWrt. I also happen to maintain this package
for the OpenWrt project.

1. I find that I have to replace this statement in etc/lua.conf:

    variables = default_variables_singletable

with:

    variables = default_variables

If I do not make this change, then snort will not run. Is this expected?

2. There are a number of tarballs available:

    Talos_LightSPD.tar.gz
    snortrules-snapshot-31180.tar.gz
    snortrules-snapshot-31150.tar.gz
    snortrules-snapshot-31110.tar.gz
    snortrules-snapshot-3190.tar.gz
    snortrules-snapshot-3170.tar.gz 
    [...]

How do I judge which to use? The numbers present seem to correspond to
Snort releases, but some releases seem to lack a corresponding rules
tarball. What is Talos_LightSPD.tar.gz? Does a document exist that
describes the release process for rules?

Thank you,

-- 
Mike

:wq
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
  

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: