I've been running Snort for a month or so now on a Woody box at work, and am now wondering whether the Debian Project (or packager) has a Plan for providing signature file updates to users of the stable distribution.
The snort-rules-default package available in stable never gets updated - nor would we normally expect it to unless a security vulnerability arises - but obviously IDS signatures must be kept up to date on a *timely* basis, just like antivirus package signatures, for the package to be fully effective. I don't intend any criticism, but do wonder what we're expected to do about this - download fresh signatures straight from www.snort.org ? If so, are there any special steps required to integrate such a download into our Debian Woody system ? Alternatively, I note there are later signature packages in testing and unstable - can we use those on a Woody system ? I searched the debian-security archive but didn't hit any items discussing this, so maybe it's a dumb question - sorry, I'm a newb here. Thanks for _any_ comments at all. Nick Boyce Bristol, UK -- Stenderup's Law: The sooner you fall behind, the more time you will have to catch up. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
