Snort Version Mismatch
-
Hi,
Here's my version info:
pfSense: 2.0-RC1 Sat Feb 26 16:00:14 EST
Snort: 2.8.6.1 pkg v. 1.34I've googled about and searched this forum on and off for about a week now, but I seem to end up with more questions than answers.
According to the package manager, I should be running pkg version 1.35 of Snort, but according to the Snort GUI, I'm running 1.34.
According to this (http://forum.pfsense.org/index.php/topic,16847.0.html) the latest version is 1.34.
The reason why I am concerned is because like many others, my whitelist isn't working correctly. I'm relatively confident that I set it up correctly, but during a OpenVAS pentest, my pentest machine got blocked in spite of being on the whitelist. I can work around the bug as it is now by disabling blocking for the pentest time window, but this seems inelegant and is definitely frustrating for me.
I understand that I took the risk of dealing with unstable software when I installed 2.0-RC1, but my googling/forum searching seems to imply that 1.35 may fix my whitelist problem.
I would very much appreciate any answers anyone may be able to provide to the following questions:
-
Which version of Snort am I actually running?
-
Does 1.35 fix the whitelist problem that everyone seems to be having?
-
If 1.35 does fix it, how do I install it?
-
If it does not fix it, what can I do to fix the whitelist problem by hacking config files in the short term?
Please advise. Thank you!
-