Rule MANager for Snort V 0.0.3a is out ....

[Mark Vevers <mark () ifl net>]

Hi all,

Released RMAN-0.0.3 Alpha last night.

I've added variable handling and auto update of variables
on multiple remote sensors to rman.  This allows a 'sensor grid'
wide default with per sensor variations and automatic update.
(Oh and fixed a few bugs as well).  

This is the first stage in  being able to handle per group
variations as well so that you can have one rule, and for a
particular group on a particular sensor the variable gets
substituted without having to write special rules so that future
updates to a rule apply to all variations .... but you'll have to
wait for 0.0.4 alpha for that.

(i.e. for an ISP - only scan all customer traffic for
Nimda / CodeRed but apply full ruleset to isp's servers)

Can those who have downloaded RMAN drop me a line to let me
know how it's going - it would be great to have some feedback!
(although this might not be the best time to ask for this as I am
about to become a daddy for the second time ;-) !!)

Mark

--
Mark Vevers.    mark () ifl net / mvevers () rm com
Internet Backbone Engineering Team
Internet for Learning, Research Machines Plc 



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users