Snort mailing list archives
Re: [Emerging-Sigs] FATALs with snort-2.9.0.3
From: Matthew Jonkman <jonkman () emergingthreatspro com>
Date: Tue, 21 Dec 2010 11:57:41 -0500
And to be clear, we REALLY appreciate the better error checking. Been asking for it for a while, ever since snort got quiet about errors a couple years ago. :) These rules that are throwing errors still work on pre 2.9.0.3. We'll have these all fixed up for the next ruleset release. Which was going to be this afternoon, but likely later this evening. Thanks! Matt On Dec 21, 2010, at 11:52 AM, evilghost () packetmail net wrote:
* PGP Signed by an unknown key On 12/21/10 10:46, Joel Esler wrote:The error checking was improved as a result of the ETPro personnel filing a bug with us when using a "distance" or a "within" with no previous relative offset in their ruleset. We provided this feedback to the ETPro development team at that time and corrections were made to the rule in question.Thanks Joel, I figured it was something like that and thought it abnormal if it were blogged-only, so I was seeking clarification. That's why I didn't go into one of my usual tirades. :)Joel-evilghost * Unknown Key * 0xEEEB1387(L) _______________________________________________ Emerging-sigs mailing list Emerging-sigs () emergingthreats net http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!
---------------------------------------------------- Matthew Jonkman Emergingthreats.net Emerging Threats Pro Open Information Security Foundation (OISF) Phone 765-807-8630 Fax 312-264-0205 http://www.emergingthreatspro.com http://www.openinfosecfoundation.org ---------------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc ------------------------------------------------------------------------------ Forrester recently released a report on the Return on Investment (ROI) of Google Apps. They found a 300% ROI, 38%-56% cost savings, and break-even within 7 months. Over 3 million businesses have gone Google with Google Apps: an online email calendar, and document program that's accessible from your browser. Read the Forrester report: http://p.sf.net/sfu/googleapps-sfnew _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- FATALs with snort-2.9.0.3 Lay, James (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler (Dec 22)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Lay, James (Dec 22)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman (Dec 22)
- Re: [Spam] Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Lay, James (Dec 22)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler (Dec 22)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 evilghost () packetmail net (Dec 22)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 evilghost () packetmail net (Dec 22)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Joel Esler (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 Matthew Jonkman (Dec 21)
- Re: [Emerging-Sigs] FATALs with snort-2.9.0.3 evilghost () packetmail net (Dec 22)