SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
| Anonymous | Login | 2020-02-20 04:23 UTC |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0002227 | Endian Firewall | Other Services | public | 2009-09-29 13:19 | 2009-10-27 11:58 | ||||
| Reporter | Renee | ||||||||
| Assigned To | peter-endian | ||||||||
| Priority | normal | Severity | feature | Reproducibility | N/A | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | |||||||||
| Target Version | 2.3 | Fixed in Version | 2.3 | ||||||
| Summary | 0002227: Snort update to Version 2.8.5 | ||||||||
| Description | Please update the Snort Version to 2.8.5 this Version has two updated Preprocessors and a new option which allow to continued inspection of Traffic when reload a configuration thats very interesting because the version used currently of Snort blocked the Traffic during reload. http://www.snort.org/news/2009/09/16/snort-2-8-5-is-now-available/ [^] | ||||||||
| Tags | needsfix, purple | ||||||||
| Attached Files |  Snort new rules.jpg [^] (257,281 bytes) 2009-10-03 23:37
| ||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0003043) peter-endian (administrator) 2009-09-29 15:36 |
interesting, will do that after 2.3 |
|
(0003045) Renee (reporter) 2009-09-29 17:45 edited on: 2009-09-29 18:09 |
Better it would be if it immediately with in 2.3 flows in because with the old ones 2.8.2.1 the VRT rules from snort.org also do not function any more because they new orders contained with the old version nothing can start and accordingly with an error message the service given a receipt. And if the rules from www.emergingthreats.net, perhaps, also sometime these new orders contained this kills Snort with an update.What can absolutely happen because from the 2nd of October they already change the rules file structure http://www.emergingthreats.net/ [^] |
|
(0003056) Renee (reporter) 2009-10-04 00:04 |
It does go quite loose the last rules contained already a Keyword what the old version not knows see the high-loaded picture. |
|
(0003058) luca-endian (developer) 2009-10-05 08:37 |
quick fix: - don't upgrade snort rules until a fix will be released - edit the file /etc/snort/rules/auto/emerging-web_specific_apps.rules - remove the following rule: alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC WordPress plug-in potential path disclosure"; flow:established,to_server; uricontent:"/wp-content/plugins/"; nocase; content:!"|0d 0a|Referer|3a 20|"; nocase; http_header; classtype:attempted-recon; reference:url,seclists.org/fulldisclosure/2009/Sep/0387.html; reference:url,doc.emergingthreats.net/2009996; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SQL_INJECTION/WEB_Wordpress; sid:2009996; rev:3;) - restart snort |
|
(0003059) Renee (reporter) 2009-10-05 08:50 |
I have deaktivate the rule in the rule editor is the same effect.But this is not a lasting solution also now a new Snort version must be probably built.Me surprises only nobody has struck the VRT rules from snort.org already do not go since April or thus any more. |
|
(0003101) Renee (reporter) 2009-10-13 11:44 |
Where can I find the new Snort packages him? |
|
(0003107) peter-endian (administrator) 2009-10-13 16:40 |
comes with the final release 'resolved' means we fixed it in our subversion repository |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2009-09-29 13:19 | Renee | New Issue | |
| 2009-09-29 15:36 | peter-endian | Note Added: 0003043 | |
| 2009-09-29 15:37 | peter-endian | Status | new => confirmed |
| 2009-09-29 15:37 | peter-endian | Target Version | => future |
| 2009-09-29 17:45 | Renee | Note Added: 0003045 | |
| 2009-09-29 17:49 | Renee | Note Edited: 0003045 | |
| 2009-09-29 18:08 | Renee | Note Edited: 0003045 | |
| 2009-09-29 18:09 | Renee | Note Edited: 0003045 | |
| 2009-10-03 23:37 | Renee | File Added: Snort new rules.jpg | |
| 2009-10-04 00:04 | Renee | Note Added: 0003056 | |
| 2009-10-05 08:17 | luca-endian | Tag Attached: purple | |
| 2009-10-05 08:37 | luca-endian | Note Added: 0003058 | |
| 2009-10-05 08:50 | Renee | Note Added: 0003059 | |
| 2009-10-05 09:35 | peter-endian | Target Version | future => 2.3 |
| 2009-10-05 09:35 | peter-endian | Status | confirmed => new |
| 2009-10-05 09:35 | peter-endian | Assigned To | => peter-endian |
| 2009-10-05 09:35 | peter-endian | Status | new => assigned |
| 2009-10-08 13:19 | peter-endian | Status | assigned => resolved |
| 2009-10-08 13:19 | peter-endian | Fixed in Version | => 2.3 |
| 2009-10-08 13:19 | peter-endian | Resolution | open => fixed |
| 2009-10-12 19:04 | peter-endian | Tag Attached: needsfix | |
| 2009-10-13 04:59 | Anonymous | Status | resolved => feedback |
| 2009-10-13 04:59 | Anonymous | Resolution | fixed => reopened |
| 2009-10-13 11:44 | Renee | Note Added: 0003101 | |
| 2009-10-13 16:40 | peter-endian | Note Added: 0003107 | |
| 2009-10-13 16:41 | peter-endian | Status | feedback => resolved |
| 2009-10-13 16:41 | peter-endian | Resolution | reopened => fixed |
| 2009-10-27 11:58 | peter-endian | Status | resolved => closed |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |