Skip to content

Releases: Cisconate/Snort3Converter

Majority Suricata Support

23 Mar 18:12
@Cisconate Cisconate
v0.1.0
6b5f359
Compare
Choose a tag to compare
Majority Suricata Support Pre-release
Pre-release

This is the Second release of the converter tool which supports conversion of Suricata IDS rules to Snort 3 IDS rules. It is built hierarchically and modularly so that in the future I can easily expand it to support others.

This build has only been tested on a large selection of the rules posted to: https://rules.emergingthreats.net/open/suricata-5.0/rules/

These rules were tested by ingest to Firepower 7.0 FDM and FMC to validate Snort 3 syntax. This does NOT necessarily mean they are built correctly at this time, however would lend credence to the fact that they PROBABLY are.

In the future I plan to add a full rules conversion test. Currently a small group of rules are used each build to verify functionality.

Assets 3
Loading

Initial Release

15 Mar 14:59
@Cisconate Cisconate
v0.0.1
ab5dc6e
Compare
Choose a tag to compare
Initial Release Pre-release
Pre-release

This is a first release of the converter tool which supports conversion of Surricata IDS rules to Snort 3 IDS rules. It is built hierarchically and modularly so that in the future I can easily expand it to support many others.

This build has only been tested to support ssh rules, URL rules, and User-Agent rules.

Assets 3
Loading