Re: [Snort-users] Availability of Snort v2.6.1.1

To:	"Jason Haar" <Jason.Haar@trimble.co.nz>
Subject:	Re: [Snort-users] Availability of Snort v2.6.1.1
From:	"Justin Heath" <justin.heath@gmail.com>
Date:	Thu, 23 Nov 2006 09:30:35 -0500
Cc:	snort-users@lists.sourceforge.net, snort-team@sourcefire.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	snort-list@securepoint.com
In-reply-to:	<456509AF.9050704@trimble.co.nz>
List-archive:	<http://sourceforge.net/mailarchive/forum.php?forum=snort-users>
List-help:	<mailto:snort-users-request@lists.sourceforge.net?subject=help>
List-id:	"Snort users talk about... Snort!" <snort-users.lists.sourceforge.net>
List-post:	<mailto:snort-users@lists.sourceforge.net>
List-subscribe:	<https://lists.sourceforge.net/lists/listinfo/snort-users>, <mailto:snort-users-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe:	<https://lists.sourceforge.net/lists/listinfo/snort-users>, <mailto:snort-users-request@lists.sourceforge.net?subject=unsubscribe>
References:	<4564DA46.1020304@snort.org> <456509AF.9050704@trimble.co.nz>
Sender:	snort-users-bounces@lists.sourceforge.net

Use the spec file from the src rpm.

# rpm -ql snort | egrep 'ssh|dcerpc'
/usr/lib/snort-2.6.1.1_dynamicpreprocessor/libsf_dcerpc_preproc.so
/usr/lib/snort-2.6.1.1_dynamicpreprocessor/libsf_dcerpc_preproc.so.0
/usr/lib/snort-2.6.1.1_dynamicpreprocessor/libsf_ssh_preproc.so
/usr/lib/snort-2.6.1.1_dynamicpreprocessor/libsf_ssh_preproc.so.0
/usr/share/doc/snort-2.6.1.1/doc/README.dcerpc
/usr/share/doc/snort-2.6.1.1/doc/README.ssh


Output from snort startup (installed frm RHEL4 rpm)
...
           Rules Engine: SF_SNORT_DETECTION_ENGINE  Version 1.6  <Build 11>
           Preprocessor Object: SF_DNS  Version 1.0  <Build 1>
           Preprocessor Object: SF_DCERPC  Version 1.0  <Build 1>
           Preprocessor Object: SF_FTPTELNET  Version 1.0  <Build 8>
           Preprocessor Object: SF_SMTP  Version 1.0  <Build 6>
           Preprocessor Object: SF_SSH  Version 1.0  <Build 1>
...



On 11/22/06, Jason Haar <Jason.Haar@trimble.co.nz> wrote:
> Snort Releases wrote:
> > Hi everybody,
> >
> > Snort v2.6.1.1 has been released.  The software and source code is
> > available at:
> >
> > http://www.snort.org/dl/
> >
> > Snort v2.6.1.1 corrects an resource usage issue exhibited in Snort
> > v2.6.1 in certain network environments.
> >
> >
>
> FYI the snort.spec file in 2.6.1.1 refers to ssh and dcerpc
> preprocessors that aren't built as part of the install.
>
> i.e. you can't build an RPM with that :-) Removing their
> "%attr(0755,root,root)" lines fixes the problem.
>
> (off to test it now)
>
> --
> Cheers
>
> Jason Haar
> Information Security Manager, Trimble Navigation Ltd.
> Phone: +64 3 9635 377 Fax: +64 3 9635 417
> PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
>
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys - and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Snort-users mailing list
> Snort-users@lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-users] Availability of Snort v2.6.1.1, Snort Releases Re: [Snort-users] Availability of Snort v2.6.1.1, Jason Haar Re: [Snort-users] Availability of Snort v2.6.1.1, Justin Heath <= Re: [Snort-users] Availability of Snort v2.6.1.1, Julio E. Gonzalez P. Message not available [Snort-users] problem with snort 2.6.1.1 (stop working), Julio E. Gonzalez P. Re: [Snort-users] problem with snort 2.6.1.1 (stop working), Justin Heath Re: [Snort-users] problem with snort 2.6.1.1 (stop working), Jason Haar Re: [Snort-users] problem with snort 2.6.1.1 (stop working), Justin Heath

Previous by Date:	Re: [Snort-users] Availability of Snort v2.6.1.1, Julio E. Gonzalez P.
Next by Date:	[Snort-users] Snort announcements, Justin Heath
Previous by Thread:	Re: [Snort-users] Availability of Snort v2.6.1.1, Jason Haar
Next by Thread:	Re: [Snort-users] Availability of Snort v2.6.1.1, Julio E. Gonzalez P.
Indexes:	[Date] [Thread] [Top] [All Lists]