Re: Snort 2.8.4 Now Available

[John Duksta <jduksta () gmail com>]

Joel (or someone else at SF):

Can we some guidance as to whether the snapshot_2.8_s rules going forward
are going to utilize the dcerpc2 enhancements (i.e. lose the 5K netbios
rules that just went away with SF SEU 216), and if so, will the new dcerpc2
ruleset break earlier 2.8 releases?

Based on the rule maintenance language[1], it sound like it might do so, but
I suppose it really depends on the content of the rules.

Thanks,
-j

[1] <quote>Snort rule packages for Subscribers and Registered users track
the latest feature set for any Major.X release. This means that rule
packages can contain features that only exist in the latest version of snort
for a given Major.X release. A simple example is:

If 2.6.1.5 is the current version of snort then the snortrules-snapshot-2.6
packages might utilize features not supported in 2.6.1.4 and earlier.

Additionally the word CURRENT does not mean "current" as in the English
dictionary meaning. It mean CURRENT in the BSD source code repository
meaning. CURRENT tracks SNORT CVS CURRENT, i.e. the the unstable, possibly
broken version of snort. If you download CURRENT and are not running this
version of snort, your snort install will break</quote>

-- 
John Duksta <jduksta () gmail com>
Can't sleep, clowns will eat me.

------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users