Snort mailing list archives
Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody?
From: Crusty Saint <saintcrusty () gmail com>
Date: Mon, 21 Mar 2011 09:16:25 +0100
Just because it makes me look somewhat knowledgeable. One can allways use the wayback machine to get old rulesets and attempt manual update/conversion of older rules. Though i do not see the benefit of doing so, like here : http://replay.waybackmachine.org/20041001015200/http://www.snort.org/dl/ 2011/3/18 Matthew Jonkman <jonkman () emergingthreatspro com>
The issue is though that VRT won't support versions back to snort 2.4, nor a version for suricata, which we do at ET. So we have the gpl rules here as well in the ET ruleset. If that could be worked out we could integrate, but I think SF has made it clear their stance on suricata, and on snorts more than 2 versions back. Matt On Mar 18, 2011, at 3:20 PM, Joel Esler wrote:That was a porn rule. Which we've gotten rid of. Rules that are <1,000,000 in SID are officially maintained by the VRT(even the sids that were available before the VRT license change -- commonly referred to as "gpl rules").Emerging threats is encouraged to submit any changes to the ruleset tosids <1,000,000 back to the VRT for inclusion into the VRT set. However, the numbers should not be duplicated.J On Mar 18, 2011, at 3:04 PM, Weir, Jason wrote:That is the raw packet data - as outputted by BASE anyways.. That rule is in the ET set here http://rules.emergingthreats.net/open/snort-2.9.0/emerging-all.rules -J-----Original Message----- From: waldo kitty [mailto:wkitty42 () windstream net] Sent: Friday, March 18, 2011 2:53 PM To: Weir, Jason Cc: emerging-sigs () emergingthreats net Subject: Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? On 3/18/2011 13:56, Weir, Jason wrote:After I spammed the snort sigs list on this - looks like itcame withthe ET rules.. It's probably not maintained by anyone but I'm seeing whatcould be a FPon 1313sid:1313; does not exist in my setup with both VRT and ET rules sets... not even as a commented line...Here's the data - no "up skirt" that I can see....is that the raw packet data?_____________________________________________________________________________________________Please visit www.nhrs.org to subscribe to NHRS email announcements andupdates._______________________________________________ Emerging-sigs mailing list Emerging-sigs () emergingthreats net http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs Support Emerging Threats! Subscribe to Emerging Threats Prohttp://www.emergingthreatspro.comThe ONLY place to get complete premium rulesets for Snort 2.4.0 throughCurrent!-- Joel Esler jesler () sourcefire.com http://blog.snort.org && http://blog.clamav.net Twitter: @snort _______________________________________________ Emerging-sigs mailing list Emerging-sigs () emergingthreats net http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs Support Emerging Threats! Subscribe to Emerging Threats Prohttp://www.emergingthreatspro.comThe ONLY place to get complete premium rulesets for Snort 2.4.0 throughCurrent! ---------------------------------------------------- Matthew Jonkman Emergingthreats.net Emerging Threats Pro Open Information Security Foundation (OISF) Phone 765-807-8630 x110 Fax 312-264-0205 http://www.emergingthreatspro.com http://www.openinfosecfoundation.org ---------------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- - - - Security Engineer - Tags: Analyst Systems Security Linux Firewall Network Web Troubleshooting - If you think I deserve a rant, write me off-list
------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Crusty Saint (Mar 21)
- <Possible follow-ups>
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Weir, Jason (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Jason Brvenik (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? evilghost () packetmail net (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 19)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Joel Esler (Mar 18)
- Re: [Emerging-Sigs] GPL rules - who maintains them? Nobody? Matthew Jonkman (Mar 19)