[Oisf-users] Suricata rules server change
Andreas Herz
andi at geekosphere.org
Wed Mar 30 08:25:35 UTC 2016
On 29/03/16 at 10:49, Francis Trudeau wrote:
> Both of the links you pasted are the same, 1.3 and above rules at this
> time. They will stay that way until we fork again.
>
> We hope to fork soon to take advantage of some of the features in Suricata
> 2+. Once we retire the old Suricata rules we are going to look into that.
Looking forward to that!
> Hopefully this clears up some things.
It did :) Thanks!
> Thanks,
>
> Francis
>
>
>
>
>
> On Tue, Mar 29, 2016 at 7:47 AM, Andreas Herz <andi at geekosphere.org> wrote:
>
> > On 29/03/16 at 07:31, Francis Trudeau wrote:
> > > One reason for this change is that most people run newer versions of
> > > Suricata, and are not aware they are downloading the incorrect rules for
> > > Suricata 1.3 - 3.x.
> >
> > Can you clarify this a bit? Are 1.3 up to 3.x the same rules?
> >
> > I'm asking as I'm using this link for 2.0.X suricata:
> >
> > http://rules.emergingthreats.net/open/suricata-2.0/
> >
> > And this one for 3.0:
> >
> > https://rules.emergingthreats.net/open/suricata-3.0/
> >
> > They point to the same files but are not listed in:
> >
> > https://rules.emergingthreats.net/open/
> >
> > There are "just" suricata-1.3 and suricata without a number.
> > The emerging.rules.tar.gz don't differ from 2.0 and 3.0 directory but
> > this might change if you create rules that use new keywords for example
> > :)
> >
> > Thanks
> >
> > --
> > Andreas Herz
> > _______________________________________________
> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> > List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> > Suricata User Conference November 9-11 in Washington, DC:
> > http://oisfevents.net
--
Andreas Herz
More information about the Oisf-users
mailing list