Home page logo
/

snort logo Snort mailing list archives

Re: [Emerging-Sigs] FATALs with snort-2.9.0.3
From: Matthew Jonkman <jonkman () emergingthreatspro com>
Date: Tue, 21 Dec 2010 11:59:29 -0500

We did get advance notification that there would be more strict error checking, which as I mentioned we are all for!!

Now we know what things are being enforced with the release and can start fixing them up. This won't take long, no 
worries.

Matt

On Dec 21, 2010, at 11:42 AM, evilghost () packetmail net wrote:

* PGP Signed by an unknown key

On 12/21/10 10:30, Joel Esler wrote:
Hi,

Yes, we greatly improved error checking on Snort 2.9.0.3:

http://blog.snort.org/2010/12/snort-2903-is-coming-soon.html

We are going to put a blog post up about it soon.

Did you notify ET of these issues or just post them on the blog?  I don't recall
seeing this one on the list so it may have been direct to the ET crew.

Quoted below:

"This is another issue found internally while troubleshooting for
Emerging-Threats. VRT rules are not affected by this change.

If rule writers have invalid combinations that existed in custom rules (depth
with within, or distance with no relative content match, etc) Snort will now
error on this. The Snort Manual has been updated to reflect these facts."

I imagine you've already reached out to the ET crew and just didn't rely on the
blog entry only to notify ET of these issues.  I likely missed the communication
with ET so I'll bite my tongue with respect to what exactly "OpenSource
community" is.

Joel

-evilghost

* Unknown Key
* 0xEEEB1387(L)

_______________________________________________
Emerging-sigs mailing list
Emerging-sigs () emergingthreats net
http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs

Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!


----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 765-807-8630
Fax 312-264-0205
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc




------------------------------------------------------------------------------
Forrester recently released a report on the Return on Investment (ROI) of
Google Apps. They found a 300% ROI, 38%-56% cost savings, and break-even
within 7 months.  Over 3 million businesses have gone Google with Google Apps:
an online email calendar, and document program that's accessible from your 
browser. Read the Forrester report: http://p.sf.net/sfu/googleapps-sfnew
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault