Snort mailing list archives
Re: snort 1.8.4 rule question
From: Brian <bmc () snort org>
Date: Mon, 4 Mar 2002 15:33:03 -0500
According to Sam:
I remember reading about a new feature in snort 1.8.4-beta(x) that would allow you to specify a rule be matched if it was to_server, or something to that nature. It seemed like it would cut down on a lot of false positives but I can't find any documentation about it. Sorry for the lack of description here, anyone played with this new feature (if it exists.. maybe it was in my dreams.. :) )
This feature will not be available until the 1.9 series. We changed our minds about adding new features to 1.8.4. All new features are in the 1.9 series and later. SNORT_1_8 is for bug fixes only. Chris, maybe add this to the documentation and say it first appeared in 1.9.1? -brian _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort 1.8.4 rule question Sam (Mar 04)
- Re: snort 1.8.4 rule question Chris Green (Mar 04)
- Re: snort 1.8.4 rule question Brian (Mar 04)
- Re: snort 1.8.4 rule question Chris Green (Mar 04)