[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Updating Snort Signatures In Stable ?

I've been running Snort for a month or so now on a Woody box at work,
and am now wondering whether the Debian Project (or packager) has a
Plan for providing signature file updates to users of the stable

The snort-rules-default package available in stable never gets updated
- nor would we normally expect it to unless a security vulnerability
arises - but obviously IDS signatures must be kept up to date on a
*timely* basis, just like antivirus package signatures, for the
package to be fully effective.

I don't intend any criticism, but do wonder what we're expected to do
about this - download fresh signatures straight from www.snort.org ?

If so, are there any special steps required to integrate such a
download into our Debian Woody system ?

Alternatively, I note there are later signature packages in testing
and unstable - can we use those on a Woody system ?

I searched the debian-security archive but didn't hit any items
discussing this, so maybe it's a dumb question - sorry, I'm a newb

Thanks for _any_ comments at all.

Nick Boyce
Bristol, UK
Stenderup's Law: The sooner you fall behind, the more time you will have to catch up.

Reply to: