Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-sigs] old rules with newer snort

from [Joel Esler] Network Security [Permanent Link]
Subject: Re: [Snort-sigs] old rules with newer snort
Date: Wed, 5 Mar 2008 17:33:10 -0500 
Therefore, please update your version of rules + Snort.  It's always  
best to stay current.

You keep your OS up to date, why not keep the IDS that defends those  
assets up to date as well?

J

On Mar 5, 2008, at 5:27 PM, Jason wrote:


the only safe assumption is that it will not work as expected. It
_should_ generally work but is not guaranteed to do so. Parsing bugs  
get
fixed, capabilities get refined, etc...

Old rules releases are not regressed against newer engines, the  
ultimate
result is therefore undefined.

Joel Esler wrote:

Yes, You can use older rules with a newer Snort, but not newer rules
with an older Snort.

Why would you want to use older rules?  Can't you use the current  
ones?

Joel

On Mar 5, 2008, at 11:11 AM, Sven Wurth wrote:


Hi Snort-sigs
Does anybody know if itâs possible to use old snort rules with a  
newer
snort?
Example: vrt-rules in Version 2.6 and a snort 2.8

Thanks
Kind regards
Sven

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/_______________________________________________

Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs



-- 
Joel Esler ï joel.esler@sourcefire.com






------------------------------------------------------------------------

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/


------------------------------------------------------------------------

_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs



--
Joel Esler ï joel.esler@sourcefire.com





-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-sigs] old rules with newer snort, Jason
Next by Date:  [Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Previous by Thread:  Re: [Snort-sigs] old rules with newer snort, Jason
Next by Thread:  [Snort-sigs] GTP attack monitoring, Victor Lee
Indexes:  [Date] [Thread] [Top] [All Lists]