Hi Michael, i have tested some ICMP and Shellcode rules. The rules needs to be activated for special purposes by clicking the category and selecting the specifics. The test has been done with the VRT sourcefire rules (for registrated users) so far the alerts are working and they are also displayed by the WUI. But i think it is important that more testing environments go for a checkout. Also i have checked the logs for specific warnings and errors and i haven´t found some errors or heavily warnings only some old well known messages which doesn´t constrain the functionality of Snort.
But as i said the more people are testing the better it is
Erik
Am 01.11.2012 um 17:52 schrieb Michael Tremer:
Hey,
I would love to see some people testing this, because snort is scheduled for the next core update.
Arne is going to merge this soon and so I guess that there will be a few days until this appears in the testing tree.
Michael
On Thu, 2012-11-01 at 17:16 +0100, Erik K. wrote:
Hi all, i want to inform you that i have commit an update to the latest version of Snort 2.9.3.1 and also of daq 1.1.1 . There has been a lot of changes for example the configuration file from Snort has been changed, also there are a couple of new rules contained and some more. Patches and an .iso Image with both updates can be found in the Bugtracker --> https://bugzilla.ipfire.org/show_bug.cgi?id=10255
Please test it and leave some feedback.
Thanks and greetings
Erik