snort-sigs January 2011 archive
Main Archive Page > Month Archives  > snort-sigs archives
snort-sigs: Re: [Snort-sigs] RulePack update and End of Life of

Re: [Snort-sigs] RulePack update and End of Life of 2.8.6.0

From: Joel Esler <jesler_at_nospam>
Date: Thu Jan 06 2011 - 20:17:22 GMT
To: Shane Castle <scastle@bouldercounty.org>, Jeff Kell <jeff-kell@utc.edu>

What features of SnortSam do you guys use now?

(I don't know SnortSam, at all, so walk me through it)

J

On Jan 6, 2011, at 3:10 PM, Castle, Shane wrote:

> Nope. Adding SnortSam to 2.8.6.1 fails owing to the use of
> autoconf/libtool releases in 2.8.6.1 later than supported on RH5.
>
> About ready to ditch RHEL completely for the IDS install but as I wrote,
> things are moving slow.
>
> --
> Shane Castle
> Data Security Mgr, Boulder County IT
> CISSP GSEC GCIH
>
>
> -----Original Message-----
> From: Joel Esler [mailto:jesler@sourcefire.com]
> Sent: Thursday, January 06, 2011 12:51
> To: Castle, Shane
> Cc: snort-users@lists.sourceforge.net; snort-sigs@lists.sourceforge.net;
> snort-devel@lists.sourceforge.net
> Subject: Re: [Snort-sigs] RulePack update and End of Life of 2.8.6.0
>
> I understand.
>
> We don't maintain the SnortSam mod, so I can't help you there. But you
> can upgrade to 2.8.6.1 if you can't go to 2.9.0.3. I understand that is
> a segment of users out there that are on RHEL5 and it has an older
> version of installed libpcap that people are having to recompile.
>
> J
>
>
> On Jan 6, 2011, at 2:47 PM, Castle, Shane wrote:
>
>> I can't add the SnortSam mods to any release >2.8.6.0 on my RHEL5
>> install. Plans are in place to migrate either to RH6 or a different
>> Linux distro so I can haz all the newer required components but it
> ain't
>> happening very quickly (sigh).
>>
>> --
>> Shane Castle
>> Data Security Mgr, Boulder County IT
>> CISSP GSEC GCIH
>>
>>
>> -----Original Message-----
>> From: Joel Esler [mailto:jesler@sourcefire.com]
>> Sent: Thursday, January 06, 2011 12:37
>> To: Castle, Shane
>> Cc: snort-users@lists.sourceforge.net;
> snort-sigs@lists.sourceforge.net;
>> snort-devel@lists.sourceforge.net
>> Subject: Re: [Snort-sigs] RulePack update and End of Life of 2.8.6.0
>>
>> Why do you have to find a new OS? Using an old version of RH or
>> something?
>>
>> Can't you use 2.8.6.1?
>>
>> J
>>
>> On Jan 6, 2011, at 2:31 PM, Castle, Shane wrote:
>>
>>> Crap. Now I have to find a new OS. What, you couldn't wait another 6
>>> months?
>>>
>>> --
>>> Shane Castle
>>> Data Security Mgr, Boulder County IT
>>> CISSP GSEC GCIH
>>>
>>>
>>> -----Original Message-----
>>> From: Joel Esler [mailto:jesler@sourcefire.com]
>>> Sent: Thursday, January 06, 2011 12:24
>>> To: snort-users@lists.sourceforge.net;
>> snort-sigs@lists.sourceforge.net;
>>> snort-devel@lists.sourceforge.net
>>> Subject: [Snort-sigs] RulePack update and End of Life of 2.8.6.0
>>>
>>> All--
>>>
>>> I just put up a blog post about the newest rulepack update and the
> EOL
>>> of 2.8.6.0's support for VRT rules.
>>>
>>> Please review it at:
>>>
>>
> http://blog.snort.org/2011/01/vrt-rule-update-available-now-and-eol.html
>>>
>>> Thanks!
>>>
>>> Joel Esler
>>> Manager, OpenSource Community
>>
>

------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and,
should the need arise, upgrade to a full multi-node Oracle RAC database
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs