Fedora 9 Update: snort-2.8.1-4.fc9

Tue Jul 15 12:21:18 UTC 2008

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-6071
2008-07-15 04:36:28
--------------------------------------------------------------------------------

Name        : snort
Product     : Fedora 9
Version     : 2.8.1
Release     : 4.fc9
URL         : http://www.snort.org
Summary     : Intrusion detection system
Description :
Snort is a libpcap-based packet sniffer/logger which
can be used as a lightweight network intrusion detection system.
It features rules based logging and can perform protocol analysis,
content searching/matching and can be used to detect a variety of
attacks and probes, such as buffer overflows, stealth port scans,
CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort has a real-time alerting capabilty, with alerts being sent to syslog,
a separate "alert" file, or as a WinPopup message via Samba's smbclient

Edit /etc/snort.conf to configure snort and use snort.d to start snort

This rpm is different from previous rpms and while it will not clobber
your current snortd file, you will need to modify it.

There are 9 different packages available

All of them require the base snort rpm.  Additionally, you will need
to chose a binary to install.

/usr/sbin/snort should end up being a symlink to a binary in one of
the following configurations:

plain      plain+flexresp
mysql      mysql+flexresp
postgresql postgresql+flexresp
snmp       snmp+flexresp
bloat      mysql+postgresql+flexresp+snmp

Please see the documentation in /usr/share/doc/snort-2.8.1

There are no rules in this package  the license  they are released under forbids
us from repackaging them  and redistributing them.

--------------------------------------------------------------------------------
Update Information:

The snort package was not including the ssl preprocessor and some paths in the
snort.conf file were not correct. Both of these issues were corrected in this
update so that snort works out of the box.    The package now creates a snortd
user that an admin can edit /etc/sysconfig/snortd to change the user so that its
not running as root. This may require changing permissions on a few files and
directories, though.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 24 2008 Dennis Gilmore <dennis at ausil.us> - 2.8.1-4
- make sure we have the right initscript  and create a snortd user
- Fix bz 452736, 452737, & 452763
* Thu May 15 2008 Dennis Gilmore <dennis at ausil.us> - 2.8.1-3
- make rules dir
* Thu May 15 2008 Dennis Gilmore <dennis at ausil.us> - 2.8.1-2
- fix character encodings
* Fri Apr 25 2008 Steve Grubb <sgrubb at redhat.com> - 2.8.1-1
- update to 2.8.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #452737 - snort config files have a couple incorrect entries
        https://bugzilla.redhat.com/show_bug.cgi?id=452737
  [ 2 ] Bug #452736 - snort is missing ssl preprocessor
        https://bugzilla.redhat.com/show_bug.cgi?id=452736
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update snort' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------