[prev in list] [next in list] [prev in thread] [next in thread]
List: snort-users
Subject: Re: [Snort-users] Subscription List better for detecting Social Media?
From: Lucas Smith via Snort-users <snort-users () lists ! snort ! org>
Date: 2020-03-27 18:49:34
Message-ID: CAFhENXpKje_4Uc7pvd2Ytejjr8y5MfX2pUdLiywRFPBFYD2EbQ () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Not that I'm aware of. For future reference though, the only version that
the Snort devs need is listed under Package Dependencies for Snort in
PfSense. Providing them with the PfSense-specific version number is bound
to cause confusion.
Lucas
On Fri, Mar 27, 2020 at 12:07 AM Periko Support via Snort-users <
snort-users@lists.snort.org> wrote:
> Yes, running pfsense.
>
> Yes, OpenappID.
>
> Does running pfsense have some issues?
>
> Thanks.
>
> On Tue, Mar 24, 2020 at 9:00 PM Lucas Smith <vedalken@veddysec.net> wrote=
:
> >
> > I'd wager a guess that it's either a typo or they may be using PfSense
> which gives two version numbers for Snort: a PfSense version number and t=
he
> dependency package version. The PfSense version number is 3.2.9.10_1 and
> the actual Snort version used for that is 2.9.15. That's the only thing I
> can think of myself.
> >
> > Lucas
> >
> > On Mon, Mar 23, 2020 at 2:15 PM Russ Combs (rucombs) via Snort-users <
> snort-users@lists.snort.org> wrote:
> >>
> >> Also, where did you get Snort 3.2.x ?
> >>
> >>
> >>
> >> From: Snort-users <snort-users-bounces@lists.snort.org> on behalf of
> "Joel Esler (jesler) via Snort-users" <snort-users@lists.snort.org>
> >> Reply-To: "Joel Esler (jesler)" <jesler@cisco.com>
> >> Date: Monday, March 23, 2020 at 2:14 PM
> >> To: Periko Support <pheriko.support@gmail.com>
> >> Cc: "snort-users@lists.snort.org" <snort-users@lists.snort.org>
> >> Subject: Re: [Snort-users] Subscription List better for detecting
> Social Media?
> >>
> >>
> >>
> >> Have you tried openappid type detection?
> >>
> >>
> >>
> >> https://snort.org/documents
> >>
> >> Sent from my =EF=A3=BF iPhone
> >>
> >>
> >>
> >> On Mar 23, 2020, at 13:07, Periko Support via Snort-users <
> snort-users@lists.snort.org> wrote:
> >>
> >> Hell guys.
> >>
> >> I'm running Snort 3.2.x and setup OpenappID trying to detect Social
> >> Media websites.
> >>
> >> But getting hard time to detect Facebook, Twitter, the big names.
> >>
> >> Them I just curios if Subscription Rules are better for this, I had
> >> never used them?
> >>
> >> Thanks for your help!!!
> >> _______________________________________________
> >> Snort-users mailing list
> >> Snort-users@lists.snort.org
> >> Go to this URL to change user options or unsubscribe:
> >> https://lists.snort.org/mailman/listinfo/snort-users
> >>
> >> To unsubscribe, send an email to:
> >> snort-users-leave@lists.snort.org
> >>
> >> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
> >>
> >> Please follow these rules:
> https://snort.org/faq/what-is-the-mailing-list-etiquette
> >>
> >> _______________________________________________
> >> Snort-users mailing list
> >> Snort-users@lists.snort.org
> >> Go to this URL to change user options or unsubscribe:
> >> https://lists.snort.org/mailman/listinfo/snort-users
> >>
> >> To unsubscribe, send an email to:
> >> snort-users-leave@lists.snort.org
> >>
> >> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
> >>
> >> Please follow these rules:
> https://snort.org/faq/what-is-the-mailing-list-etiquette
> _______________________________________________
> Snort-users mailing list
> Snort-users@lists.snort.org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
> To unsubscribe, send an email to:
> snort-users-leave@lists.snort.org
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
> Please follow these rules:
> https://snort.org/faq/what-is-the-mailing-list-etiquette
>
[Attachment #5 (text/html)]
<div dir="ltr">Not that I'm aware of. For future reference though, the only \
version that the Snort devs need is listed under Package Dependencies for Snort in \
PfSense. Providing them with the PfSense-specific version number is bound to cause \
confusion.<div><br></div><div>Lucas</div></div><br><div class="gmail_quote"><div \
dir="ltr" class="gmail_attr">On Fri, Mar 27, 2020 at 12:07 AM Periko Support via \
Snort-users <<a href="mailto:snort-users@lists.snort.org">snort-users@lists.snort.org</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Yes, running \
pfsense.<br> <br>
Yes, OpenappID.<br>
<br>
Does running pfsense have some issues?<br>
<br>
Thanks.<br>
<br>
On Tue, Mar 24, 2020 at 9:00 PM Lucas Smith <<a \
href="mailto:vedalken@veddysec.net" target="_blank">vedalken@veddysec.net</a>> \
wrote:<br> ><br>
> I'd wager a guess that it's either a typo or they may be using PfSense \
which gives two version numbers for Snort: a PfSense version number and the \
dependency package version. The PfSense version number is 3.2.9.10_1 and the actual \
Snort version used for that is 2.9.15. That's the only thing I can think of \
myself.<br> ><br>
> Lucas<br>
><br>
> On Mon, Mar 23, 2020 at 2:15 PM Russ Combs (rucombs) via Snort-users <<a \
href="mailto:snort-users@lists.snort.org" \
target="_blank">snort-users@lists.snort.org</a>> wrote:<br> >><br>
>> Also, where did you get Snort 3.2.x ?<br>
>><br>
>><br>
>><br>
>> From: Snort-users <<a href="mailto:snort-users-bounces@lists.snort.org" \
target="_blank">snort-users-bounces@lists.snort.org</a>> on behalf of "Joel \
Esler (jesler) via Snort-users" <<a href="mailto:snort-users@lists.snort.org" \
target="_blank">snort-users@lists.snort.org</a>><br> >> Reply-To: "Joel \
Esler (jesler)" <<a href="mailto:jesler@cisco.com" \
target="_blank">jesler@cisco.com</a>><br> >> Date: Monday, March 23, 2020 at \
2:14 PM<br> >> To: Periko Support <<a \
href="mailto:pheriko.support@gmail.com" \
target="_blank">pheriko.support@gmail.com</a>><br> >> Cc: "<a \
href="mailto:snort-users@lists.snort.org" \
target="_blank">snort-users@lists.snort.org</a>" <<a \
href="mailto:snort-users@lists.snort.org" \
target="_blank">snort-users@lists.snort.org</a>><br> >> Subject: Re: \
[Snort-users] Subscription List better for detecting Social Media?<br> >><br>
>><br>
>><br>
>> Have you tried openappid type detection?<br>
>><br>
>><br>
>><br>
>> <a href="https://snort.org/documents" rel="noreferrer" \
target="_blank">https://snort.org/documents</a><br> >><br>
>> Sent from my iPhone<br>
>><br>
>><br>
>><br>
>> On Mar 23, 2020, at 13:07, Periko Support via Snort-users <<a \
href="mailto:snort-users@lists.snort.org" \
target="_blank">snort-users@lists.snort.org</a>> wrote:<br> >><br>
>> Hell guys.<br>
>><br>
>> I'm running Snort 3.2.x and setup OpenappID trying to detect Social<br>
>> Media websites.<br>
>><br>
>> But getting hard time to detect Facebook, Twitter, the big names.<br>
>><br>
>> Them I just curios if Subscription Rules are better for this, I had<br>
>> never used them?<br>
>><br>
>> Thanks for your help!!!<br>
>> _______________________________________________<br>
>> Snort-users mailing list<br>
>> <a href="mailto:Snort-users@lists.snort.org" \
target="_blank">Snort-users@lists.snort.org</a><br> >> Go to this URL to change \
user options or unsubscribe:<br> >> <a \
href="https://lists.snort.org/mailman/listinfo/snort-users" rel="noreferrer" \
target="_blank">https://lists.snort.org/mailman/listinfo/snort-users</a><br> \
>><br> >> To unsubscribe, send an email to:<br>
>> <a href="mailto:snort-users-leave@lists.snort.org" \
target="_blank">snort-users-leave@lists.snort.org</a><br> >><br>
>> Please visit <a href="http://blog.snort.org" rel="noreferrer" \
target="_blank">http://blog.snort.org</a> to stay current on all the latest Snort \
news!<br> >><br>
>> Please follow these rules: <a \
href="https://snort.org/faq/what-is-the-mailing-list-etiquette" rel="noreferrer" \
target="_blank">https://snort.org/faq/what-is-the-mailing-list-etiquette</a><br> \
>><br> >> _______________________________________________<br>
>> Snort-users mailing list<br>
>> <a href="mailto:Snort-users@lists.snort.org" \
target="_blank">Snort-users@lists.snort.org</a><br> >> Go to this URL to change \
user options or unsubscribe:<br> >> <a \
href="https://lists.snort.org/mailman/listinfo/snort-users" rel="noreferrer" \
target="_blank">https://lists.snort.org/mailman/listinfo/snort-users</a><br> \
>><br> >> To unsubscribe, send an email to:<br>
>> <a href="mailto:snort-users-leave@lists.snort.org" \
target="_blank">snort-users-leave@lists.snort.org</a><br> >><br>
>> Please visit <a href="http://blog.snort.org" rel="noreferrer" \
target="_blank">http://blog.snort.org</a> to stay current on all the latest Snort \
news!<br> >><br>
>> Please follow these rules: <a \
href="https://snort.org/faq/what-is-the-mailing-list-etiquette" rel="noreferrer" \
target="_blank">https://snort.org/faq/what-is-the-mailing-list-etiquette</a><br> \
_______________________________________________<br> Snort-users mailing list<br>
<a href="mailto:Snort-users@lists.snort.org" \
target="_blank">Snort-users@lists.snort.org</a><br> Go to this URL to change user \
options or unsubscribe:<br> <a \
href="https://lists.snort.org/mailman/listinfo/snort-users" rel="noreferrer" \
target="_blank">https://lists.snort.org/mailman/listinfo/snort-users</a><br> <br>
To unsubscribe, send an email to:<br>
<a href="mailto:snort-users-leave@lists.snort.org" \
target="_blank">snort-users-leave@lists.snort.org</a><br> <br>
Please visit <a href="http://blog.snort.org" rel="noreferrer" \
target="_blank">http://blog.snort.org</a> to stay current on all the latest Snort \
news!<br> <br>
Please follow these rules: <a \
href="https://snort.org/faq/what-is-the-mailing-list-etiquette" rel="noreferrer" \
target="_blank">https://snort.org/faq/what-is-the-mailing-list-etiquette</a><br> \
</blockquote></div>
_______________________________________________
Snort-users mailing list
Snort-users@lists.snort.org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users
To unsubscribe, send an email to:
snort-users-leave@lists.snort.org
Please visit http://blog.snort.org to stay current on all the latest Snort news!
Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic