|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Snort-users] Alternate to Snortcenter2?
From: Jason Alexander (lists
itsecurity3.its.uiowa.edu)
Date: Wed Sep 28 2005 - 22:16:15 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm looking into this now. It looks like I've found a couple of other
issues like for some reason rule_combine script that I provide to pull
all the rulesets together appears to be doing something to the community
rules becasue I'm getting a major parse error on rule 100000135.
It give me this
Unknown Rule option: 43 (msg:"COMMUNITY IMAP GNU Mailutils request tag
format string vulnerability"; flow:to_server,established;
content:"|25|"; pcre:"/^\S*\x25\S*\s/sm"; reference:cve,CAN-2005-1523;
reference:bugtraq,13764; classtype:attempted-admin; sid:100000135; rev:1;
-> 43 (msg
Wes if you have time can you try to load the 2.4 rule set and see if you
get the same problem.
Jason
East, Bill wrote:
> Using
> vrt_pr/snortrules-pr-2.4.tar.gz
>
> The error was "Unknown Rule option", from parser.php
>
> SID is 3441
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]