[Rman-users] Rule MANager for Snort V 0.0.3a is out ....
Status: Alpha
Brought to you by:
mvevers
Menu
▾
▴
[Rman-users] Rule MANager for Snort V 0.0.3a is out ....
|
From: Mark V. <ma...@if...> - 2002-03-08 11:46:26
|
Hi all, Released RMAN-0.0.3 Alpha last night. I've added variable handling and auto update of variables on multiple remote sensors to rman. This allows a 'sensor grid' wide default with per sensor variations and automatic update. (Oh and fixed a few bugs as well). This is the first stage in being able to handle per group variations as well so that you can have one rule, and for a particular group on a particular sensor the variable gets substituted without having to write special rules so that future updates to a rule apply to all variations .... but you'll have to wait for 0.0.4 alpha for that. (i.e. for an ISP - only scan all customer traffic for Nimda / CodeRed but apply full ruleset to isp's servers) Can those who have downloaded RMAN drop me a line to let me know how it's going - it would be great to have some feedback! (although this might not be the best time to ask for this as I am about to become a daddy for the second time ;-) !!) Mark -- Mark Vevers. ma...@if... / mv...@rm... Internet Backbone Engineering Team Internet for Learning, Research Machines Plc |