This a status report on the Snare ITP. Thanks, Andrew Lau
----- Forwarded message from Andrew Lau <[EMAIL PROTECTED]> -----
From: Andrew Lau <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED]
Subject: Regarding your Debian ITPs to Snare
Hey everyone,
I'm sorry to crash in your party, but please note the earlier
ITP #125657 on Snare. I'm not the official owner of the ITP, but I
have been working on it as well since I have the ITP on the other
InterSect Alliance Tool, RazorBack and am also in close contact with
upstream. I have been active with these ITPs and the only reason why I
haven't finished packaging either of them are due to upstream bugs:
Razorback is having difficulties parsing the logs that Snort in Debian
is producing at the moment while Snare's is detailed below:
----- Forwarded message from Leigh Purdie <[EMAIL PROTECTED]> -----
Subject: Re: Packaging problems with Razorback for Debian GNU/Linux
From: Leigh Purdie <[EMAIL PROTECTED]>
To: Andrew Lau <[EMAIL PROTECTED]>
Cc: George Cora <[EMAIL PROTECTED]>
Date: 24 Oct 2002 09:00:20 +1000
G'day Andrew,
Sorry for the slow-down on this mate - After installing a redhat 8 box
the other week, I now realise that kernel 2.4.18+ no longer includes the
hooks we need to integrate Snare! As such, I've been feverishly
attempting to mangle code to fit into the kernel (rather than as a
module release).
Meanwhile, can you think of any SNORT setting that may force log data to
be single-line rather than multi? A scan through my & your snort.conf
didn't hit me between the eyes with anything...
Regards,
Leigh.
--------------------------------------------------------------------------------
I'm still waiting on upstream to fix both of these bugs. So do you
guys still want to take over Snare?
Yours sincerely,
Andrew "Netsnipe" Lau
--
---------------------------------------------------------------------------
* Andrew 'Netsnipe' Lau Computer Science & Sturep, UNSW *
* "apt-get into it" Debian GNU/Linux Packager *
* <netsnipe(+)debianplanet.org\0> <alau(+)cse.unsw.edu.au\0> *
* GnuPG 1024D/2E8B68BD 0B77 73D0 4F3B F286 63F1 9F4A 9B24 C07D 2E8B 68BD *
---------------------------------------------------------------------------
----- End forwarded message -----
--
---------------------------------------------------------------------------
* Andrew 'Netsnipe' Lau Computer Science & Sturep, UNSW *
* "apt-get into it" Debian GNU/Linux Packager *
* <netsnipe(+)debianplanet.org\0> <alau(+)cse.unsw.edu.au\0> *
* GnuPG 1024D/2E8B68BD 0B77 73D0 4F3B F286 63F1 9F4A 9B24 C07D 2E8B 68BD *
---------------------------------------------------------------------------
pgpvUtNqq8Gsb.pgp
Description: PGP signature
