Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: VRT Release 2010-02-23 uses "detection_filter"

From: Jeff Kell <jeff-kell () utc edu>
Date: Wed, 24 Feb 2010 10:55:05 -0500
On 2/24/2010 10:33 AM, Matt Olney wrote:

Note: Snort rule packages for Subscribers and Registered Users track
the latest patch release for any major version. This means that rule
packages may make use of features that only exist in the latest
version of Snort. A simple example is: If 2.8.4 is the current version
of Snort then the snortrules-snapshot-2.8 packages might use features
not available in 2.8.3.2 and earlier.
  


If you have a release version set (e.g., snapshot-2.8), might I suggest
that the rules that require the latest-and-greatest incremental features
be supplied in another rules file, e.g., latest-required.rules? 

Once you roll the next version (2.9, or whatever) you can split those
out into the proper fileset ownership.

We used to only shoot ourselves in the foot with minor number changes
(2.4 to 2.6 to 2.8) but lately the collateral pedal damage has shifted
to the right :-)

Jeff

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
Previous By Date Next
Previous By Thread Next

Current thread: