Snort mailing list archives

Re: Snort 1.90 no Spade?


From: James Hoagland <hoagland () SiliconDefense com>
Date: Sat, 5 Oct 2002 13:19:05 -0700

Hello Shane,

At 4:06 PM -0600 10/4/02, Shane Hickey wrote:
> I'm afraid I haven't read the list in quite some time, so I apologize if
> this has been answered.  I checked the FAQ and the archives and didn't
> see mention of it.  Anyway, I'm running Snort on RedHat installed from
> RPMs.  It's always included Spade, but 1.90 doesn't seem to.  Is there a
> reason for this, or was it an oversight?

I'm glad you asked. I provided a version of Spade for Snort 1.9 (somewhat enhanced over the version in Snort 1.8.7) to the Snort developers on July 20, 2002. Since then, we have not received any substantive feedback on it from anyone with commit privileges despite repeated queries. So, regrettably, we are back to the model of providing Spade as an add-on package. (This was the model prior to Spade being incorporated in Snort with Snort 1.7.0.)

In the meantime, we've been making some significant enhancements to Spade. These are nearly complete, so we'll release that version as soon as it is ready (probably this Monday). It'll be available from the Silicon Defense web site and probably also via Snortenstein.

  http://www.silicondefense.com/software/spice/
  http://sourceforge.net/projects/snortenstein/

If you can't wait, you can get the version I submitted on July 20:

  http://citadelle.intrinsec.com/mailing/current/HTML/ml_snort-dev/1238.html


> I found that I caught many
> intrusions that I wouldn't have seen otherwise when I was using Spade,
> although, I wish you could tell it to ignore certain source networks.

I'm glad you found it useful and I don't think you were alone. Is there some specific reason you wanted to ignore certain sources? (I'm trying to see if the problem has been addressed already.)

Best regards,

  Jim

--
|*      Jim Hoagland, Associate Researcher, Silicon Defense      *|
|*            --- Silicon Defense: IDS Solutions ---             *|
|*  hoagland () SiliconDefense com, http://www.silicondefense.com/  *|
|*   Voice: (530) 756-7317                 Fax: (530) 756-7297   *|

