Date: Mon, 1 Aug 2022 19:52:19 +0200 From: Andrea Venturoli <ml@netfence.it> To: BSD Devel <freebsd@optimcloud.com>, freebsd-ports@freebsd.org Subject: Re: Snort3 Message-ID: <467cecb2-036d-a789-89a6-85b710d420e1@netfence.it> In-Reply-To: <1659367314460.2568685022.2516369900@optimcloud.com> References: <a565e17e-19ba-3789-079b-d86aba8e55b5@netfence.it> <1659367314460.2568685022.2516369900@optimcloud.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/1/22 17:22, BSD Devel wrote: > I think the question is does anyone even use snort anymore? I'd be interested to know the answer... Is anyone here using it? > i thought it was dead Hmm... Seems latest release is 4 days old (latest was from 14 days ago). The port in our tree has already been updated. Of course Snort 2 is probably dying in favour of Snort 3 (formerly Snort++), which is a very different product. OTOH we don't have PulledPort 3 in the port tree (not sure if that is required or 0.7 will do). > pretty sure everyone uses prelude ids now! I'm inheriting some setups made by a person who is not working here anymore, so I'm probably still too ignorant on this matter (and I'm trying to catch up)... That said, Snort and Prelude seems two different things to me (NIDS/IPS vs SIEM); in fact I found some tutorials to integrate the two. If you think I'm wrong, I'm listening :) bye & Thanks av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?467cecb2-036d-a789-89a6-85b710d420e1>