Re: Duplicate SIDs recently?

[Andreas Östling <andreaso () it su se>]

On Sun, 25 Sep 2005, Jeff Kell wrote:

> My last oinkmaster cycle (and retries since) have flagged duplicates with 
> sourcefire sids:
...
> Grepping on SIDs I can't find any duplicates, making me think it's a goof in 
> the downloaded packages.  I'm using snort-2.4 rules plus current bleeding. 
> Anyone else having this issue? 
> Jeff

FYI, when Oinkmaster finds duplicate SIDs in the downloaded package it 
will keep the one with the highest 'rev' and discard the other(s), 
that's why you can't find any duplicates when grepping the result.
It would be nice if Sourcefire did some simple automated check so 
duplicate SIDs never get published in the first place though.

/Andreas


-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users