Re: rules update on 2.8

[Jason Haar <Jason_Haar () trimble com>]

On 22/12/11 04:59, Nick Moore wrote:
> 3. Yum and other package update mechanisms are not the best way to
> keep Snort up to date. I have found that these frequently lag far
> enough behind the current version that in some cases, they are using a
> no longer supported version in their updates. I would instead
> recommend looking at it manually whenever there is a new Snort release
> and recompiling.
I can't agree with this strongly enough. The "official" OS vendors
arrange their updates around stability and "lack of surprise" (ie no
feature changes). As such, security products like AV and snort simply
cannot fit that model, as they have a daily churn-rate.

If you want to run clamav and/or snort, either you need to manually
maintain and run your own, or find some nice person running a
third-party addon (like rpmforge for Redhat/CentOS) who is willing to do
that donkey work for you

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1


------------------------------------------------------------------------------
Write once. Port to many.
Get the SDK and tools to simplify cross-platform app development. Create 
new or port existing apps to sell to consumers worldwide. Explore the 
Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
http://p.sf.net/sfu/intel-appdev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!