Re: [Emerging-Sigs] GPL rules - who maintains them?Nobody?

[Joel Esler <jesler () sourcefire com>]

On Mar 21, 2011, at 7:05 PM, waldo kitty wrote:
> On 3/21/2011 14:00, Nigel Houghton wrote:
> > I see. In that case, ET should act as an end-user, copy the rule to
> > another file, give it a new SID and leave the original alone and
> > disabled in the rule file. If the change is appropriate, send the
> > suggested modification along to us and we will handle it.
>
> and herein is the crux of the apparent problem... why "you" (inclusive and apparently meaning VRT)... why not ET? 
> especially since they are, at least, willing to provide the rules in a format that older snorts can handle and 
> properly detect the traffic in question??

The easiest way to test this would be to take the GPL ruleset from now, and start it up in an old version of Snort 
2.8.4 or whatever.  See if it starts.  If it does, then the whole point is moot.

> who owned them to start with? who maintained them to start with? why are they now as they are?

Sourcefire/VRT/Snort.org.  Why were they forked in the first place?  I don't know.  That's a good question.  

--
Joel Esler
jesler () sourcefire.com
http://blog.snort.org && http://blog.clamav.net
Twitter: @snort


------------------------------------------------------------------------------
Enable your software for Intel(R) Active Management Technology to meet the
growing manageability and security demands of your customers. Businesses
are taking advantage of Intel(R) vPro (TM) technology - will your software 
be a part of the solution? Download the Intel(R) Manageability Checker 
today! http://p.sf.net/sfu/intel-dev2devmar
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users