Quoting Javier Fernández-Sanguino Peña ([EMAIL PROTECTED]):
[Short version: see the patch below.]
(after a few days w/o answers from Snort's maintainer)
Sander, any comments wrt to this patch? Please at least say wether you are
going to forward this to Snort maintainers or use it in
On Tue, Aug 26, 2003 at 01:29:31AM +0200, Javier Fernández-Sanguino Peña wrote:
[Short version: see the patch below.]
(after a few days w/o answers from Snort's maintainer)
Sander, any comments wrt to this patch? Please at least say wether you are
going to forward this to Snort maintainers
On Mon, Aug 25, 2003 at 12:11:07PM -0400, Noah L. Meyerhans wrote:
No. New attacks represent security threats. Old attacks represent
curiosities, at best (i.e. have you seen any Redhat 6.2 rpc.statd attacks
lately?)
An intrusion detection system that can not detect known intrusions is not
On Tue, Aug 26, 2003 at 12:24:11AM +0200, Sander Smeenk wrote:
This problem only exists for snort packages that aren't going to be
updated, like the ones that reach stable. The unstable package is up to
date enough to have all correct rules, imho.
The other thing is, snort.org's people
On Sun, Aug 24, 2003 at 07:32:10PM -0400, Noah L. Meyerhans wrote:
Snort depends on a set of rules to detect potentially malicious traffic.
Obviously this set of rules needs to be updates on a regular basis in
order to keep up with new security issues. The problem is that the
version of
On Mon, Aug 25, 2003 at 01:56:40PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
That's not correct, it cannot detected _new_ potentially harmful traffic.
There's quite a lot of potentially harmful traffic (stable) snort can
detect. The fact that it's not up-to-date does not mean that it's
On Tue, Aug 26, 2003 at 12:24:11AM +0200, Sander Smeenk wrote:
Really, the way to fix this package X needs data Y to be up-to-date is to:
a) separate data from the package (Nessus plugins are available in the
'nessus-plugins' package and can be updated separately, for example)
snort has
Quoting Javier Fernández-Sanguino Peña ([EMAIL PROTECTED]):
Thus, it can't detect potentially harmful traffic.
That's not correct, it cannot detected _new_ potentially harmful traffic.
There's quite a lot of potentially harmful traffic (stable) snort can
detect. The fact that it's not
8 matches
Mail list logo