Hi Jeff,
Thanks for the info, I'll play around w/ flexresp2 in the coming days. Are
there any particular patches for 2.4.3 ?
In the mean while, I have read some of the documentation on
http://cerberus.sourcefire.com/~jeff/archives/snort/sp_respond2/ regarding
flexresp2 and I've noticed that the resp:<action> are slightly different
than the ones in flexresp. Is it a particular reason for those differences
? I guess that it would be easier for the us (lazy) snort admins to just
use the current rules w/ the flexresp actions without any need to change
them - even if it is not a complicated thing ... :-P Just my .02
Thanks and regards,
Tudor
Jeff Nathan
<jeff@snort.org>
Sent by: To
snort-users-admin TPanaitescu@colorcon.com
@lists.sourceforg cc
e.net snort-users@lists.sourceforge.net
Subject
Re: [Snort-users] Libnet v1.1 vs
11/29/05 03:57 PM libnet v1.0.2a
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Checkout snort's source code from CVS and use flexresp2 instead of
flexresp. You won't need libnet 1.0.2 at all in that case.
- -Jeff
On Nov 22, 2005, at 4:26 PM, TPanaitescu@colorcon.com wrote:
Hi,
Is it any way around the limitation for libnet v1.0.2a in building
snort v
2.4.3 with flexresp ? The reason I am asking is that I am running in a
strange situation when I need syslog-ng with spoof capabilities which
requires libnet >= v1.1 but, on the same machine, snort requires
libnet
v1.0.2a.
TIA,
Tudor
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc. Get Certified Today
Register for a JBoss Training Course. Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- --
http://cerberus.sourcefire.com/~jeff (DSA key id 6923D3FD)
"I want to know God's thoughts... the rest are details." - Albert
Einstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFDjMDaEqr8+Gkj0/0RArVPAKC1dx7vwI3wBMOQZLql8mGoC9dHjACglXJh
xK3/Lfqx5eJDa2XDHeCbVbQ=
=SktB
-----END PGP SIGNATURE-----
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log
files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
