On Fri, 06 Dec 2002 04:18:52 +0000, I wrote: >I've been running Snort for a month or so now on a Woody box at work, >and am now wondering whether the Debian Project (or packager) has a >Plan for providing signature file updates to users of the stable >distribution.
Well thanks for the answers folks - it seems clear (especially after checking http://www.snort.org/dl/rules/, which says "If you are using a version before 1.9.x, please upgrade") that I should stop using the Debian stable V1.8.4 package and switch to hand-built V1.9.0 made from source - and I'll gladly grab Kristof's signature update script and adapt to my needs (thanks for that). [I hope my current MySQL and Acidlab backend works with the later Snort - I guess I'm about to find out ..] I'd suggest maybe a note about V1.8.4 being "useless" should be added to http://packages.debian.org/stable/net/snort.html, along with some advice about getting signature updates (i.e. roll your own). IIRC "important new versions of existing packages" are allowed into point releases, so maybe Woody's main Snort engine binary packages can be updated when 3.0r1 happens. And I still think it'd be nice if we could find a way to package up and push out stable signature updates - but I can see why that would be difficult to set policy for. Cheers, Nick Boyce Bristol, UK -- "... the fundamental design flaws are completely hidden by the superficial design flaws." Douglas Adams(1952 - 2001): So Long and Thanks For All The Fish.
