[Oisf-devel] [OT] Barnyard2-1.10 - Beta 1 Release
Matthew Jonkman
jonkman at emergingthreatspro.com
Thu Jul 7 15:21:20 UTC 2011
Great news Firnsy!!! Thanks!
Question:
Would it be possible to be able to use sid ranges or a sid mask? For example, with the RBN rules we have a few hundred in a specific sid range that need the same block statement. How about a:
204000-204499: src,30 days;
Or maybe a wildcard, etc?
Thanks!
Matt
On Jul 7, 2011, at 10:09 AM, firnsy wrote:
> G'day guys and gals,
>
> If you haven't noticed already, the first beta release of what will
> become barnyard2-1.10 was tagged the other day on github. This was a
> significant milestone that was only enabled by the OISF team and their
> generous contributions. Thanks again!
>
> I was going to push this first beta a week ago but have spent the past
> few days cleaning up the documentation, some old and pesky bugs and even
> added a small utility.
>
> So what are the notable includes/updates from the 1.9 release:
> * A new output plugin for communication with SnortSam instances.
> * Upgraded unified2 handling to latest unified2 standard [1].
> * Improved handling of Sguil agent registration timeouts. Thanks to
> Victor Julien.
>
> Some other worthy mentions from the previous stable release include:
> * Fixed signature loading issue that resulted in a rogue space being
> appended to messages.
> * Fixed compile issue with IPv6 enabled.
> * Fixed compile issue with TCL and PostgreSQL combinations.
> * Added support for new DLT_IPV4 and DLT_IPV6 link types introduced
> with Snort's new DAQ library.
>
> The old project pages are still being reworked with the server change,
> so if you want to try it out you will need to become a little familiar
> with github (it'll be worth it).
>
> So please go forth, download [2], compile, use and abuse. Be sure to
> send any feedback good or otherwise back to us.
>
> - firnsy
>
> [1] No output plugins currently utilise the extra data.
> [2] http://www.github.com/firnsy/barnyard2
> _______________________________________________
> Oisf-devel mailing list
> Oisf-devel at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------
PGP: http://www.jonkmans.com/mattjonkman.asc