[Emerging-Sigs] Rule question
james.lay at wincofoods.com
Tue Oct 19 12:00:25 EDT 2010
I posted this in the snort-sigs group, and now I'm posting it here:
I guess there's something I do not understand as it relates to ET & VRT
rules. As I understand it:
Snort VRT support 220.127.116.11 and 2.9.0
ET support 2.4-2.8.6
Is it just me or does this not make sense? Why are ET rules even
bothering with unsupported versions of Snort, and not putting out rules
that are in line with supported versions of Snort? I have to be
honest...from a home and business user, going from what used to be a
relatively easy rule management system, to what it is now has been
extremely time consuming and frustrating. And, coming from someone who
has little knowledge of how the ET and VRT rulesets are
developed/maintained, I have to think that duplicate SID's seems to be
counterproductive. I'll keep plodding along...thank you.
IT Security Analyst
650 N Armstrong Pl.
Boise, Idaho 83704
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Emerging-sigs