As noted below, there are MANY other changes, fixes, and additions, so please don't hesitate to ask questions on IRC (freenode #pulledpork) or on the mailing list.
Get it here: http://code.google.com/p/pulledpork
v0.4.2
New Features / changes:
- Capability to modify rules by category (See README.CATEGORIES)
- Capability to modify rules using regular expressions (pcre:) - See sid modification configs
- Capability to use regular expressions in specific rule modifications - See sid modification configs
- Changed the | delimiter for cve, bugtraq, etc. to :
- Added README.CATEGORIES
- Added README.SHAREDOBJECTS
- Follow flowbit chains
- Moved README files to doc
- Automatically determine arch
- Automatically determine Snort Version
- Added some verbiage surrounding HUP vs Restart vs When/where/who and how
- Added support for new snort.org download scheme of http://snort.org/reg-rules...
- Certain rule-specific GID values were not being properly parsed by the modifysid sub.
- Bug #20 fixed, ranges are no longer off by +1 additional rule being enabled
- Enhancement request #21, added more descriptive information to dropsid.conf and to README
- Fixed flaw that caused certain flowbits to not be set (when GID boundaries were crossed and multiple keys were checked)
- Enhancement request #22 updated the master config file to contain all of the currently available precompiled SO rules
- Remove risky system calls, use handles instead
MD5SUM = d11b9d884f940a0df293718a4d4b3913
SHA256 = 3491b8c3c99c621cfd6467da2c43866f33ede1d096538e4a497cdf52b49ad677
Cheers,
JJC