Hi, Gil Vidals wrote: > snort_rule_dl isn't working any longer. I added rule 2003099 with danger > level of zero and restarted psad and cleared out iptables and yet rule > 2003099 kicks in and blocks my access: > > # GV 20090726 - this rule triggers just by visiting the site on my laptop > running ubuntu & firefox > 2003099 0; > > Back in January 2007, a bug was found in psad where SID's added to > snort_rule_dl were being ignored. You can see the post here: > > http://www.mail-archive.com/debian-bugs-clo...@lists.debian.org/msg127188.html > > I'm running this version of psad: > > [+] psad v2.1.5 (file revision: 2253)
It looks like it works fine for me with : [+] psad v2.1.6-pre3 (file revision: 2267) Enabling/Disabling SID 2003099 works as expected. Could you give it a try? Regards, -- Franck Joncourt http://debian.org - http://smhteam.info/wiki/
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ psad-discuss mailing list psad-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/psad-discuss
