OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [Snort-users] still fighting with so_rules

From: Nathaniel Richmond (nate+snortrichmond-family.org)
Date: Sat Jul 11 2009 - 15:21:24 CDT

I haven't tried the Fedora rules on RHEL as Nigel suggested, but the
CentOS 32-bit SO rules work fine on 32-bit RHEL. There are CentOS 4
and 5 rules, which correspond to RHEL 4 and 5.

Nate

Russell Fulton wrote:
> I see to my dismay that the only precompiled rules for rhe are for
> 64
> bit 5.0. Our standard corporate image is 5.3 (32 bit ?). Having
> finally got one of my sensors upgraded (from reh 3) I get this
> error:
>
> FATAL ERROR: Failed to load /home/snort/Rules/so_rules/bad-
> traffic.so: /home/snort/Rules/so_rules/bad-traffic.so: wrong ELF
> class: ELFCLASS64
>
> Google indicates that this is indeed caused by incompatibilities
> between 32 and 64bit binaries.
>
> I'm getting rather peeved that sourcefire accepted my $1200 and has
> so
> far failed to deliver anything that I can use in the way of compiled
> rules.
>
> I won't be renewing VRT subscription.
>
> Russell
>
> ------------------------------------------------------------------------------
> Enter the BlackBerry Developer Challenge
> This is your chance to win up to $100,000 in prizes! For a limited
> time,
> vendors submitting new applications to BlackBerry App World(TM) will
> have
> the opportunity to enter the BlackBerry Developer Challenge. See
> full prize
> details at: http://p.sf.net/sfu/Challenge
> _______________________________________________
> Snort-users mailing list
> Snort-userslists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>

------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users