Re: Snort-users Digest, Vol 132, Issue 23

["Joel Esler (jesler)" <jesler () cisco com>]

Wow.  If you are using a ruleset that uses chat.rules and community-sql, you really need to update.  We haven't 
published "community-sql" in over 10 years.  I moved everything out of chat.rules about 4 years ago.  

Snort.org/Downloads.  

--
Sent from my iPhone

> On May 21, 2017, at 15:06, rmkml <rmkml () ligfy org> wrote:
>
> First warning is only for information, use old sig format:
> WARNING: /etc/snort/rules/chat.rules(33) threshold (in rule) is deprecated; use detection_filter instead.
>
> Second warning indicate duplicate sig on same file or same directory...:
> WARNING: /etc/snort/rules/community-sql-injection.rules(6) GID 1 SID 100000106 in rule duplicates previous rule. 
> Ignoring old rule.
> For example, start with "grep -r 100000106 /etc/snort/rules/" and check output...

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!