[Snort-openappid] problems in updating rules

sourabh singhrathore rsourabhs at ...8...
Sat Jun 10 12:13:26 EDT 2017


Hi Joel,

Thanks for reply, I hope you well.

Basically my current organization will buy new Cisco NGIPS devices and in
this IPD some default rules is there i want to modify those rules according
to our infrastructure.

Currently i dont have any knowledge about rules, i searched it on goggle it
says NGIPS rules are snort rules, so i want to learn those things.

Please suggest the further path what should i do, shall i learn snort rule
first or shall i go to modify Cisco NGIPS rules.  Currently i dont have any
simulator to check how this device is working.

Regards,
Sourabh Singh

On Sat, Jun 10, 2017 at 9:24 PM, Joel Esler (jesler) <jesler at ...5...>
wrote:

> What kind of rules?  Snort rules? Or OpenAppId rules?
>
> --
> Sent from my iPhone
>
> On Jun 10, 2017, at 11:47, sourabh singhrathore <rsourabhs at ...8...>
> wrote:
>
> Dear Team,
>
> I want to learn creation of rules and modify rules in Cisco Sourcefire
> (NGIPS) according to our infrastructure could you please provide us the
> details from where we can get those resources. Currently i am new in this
> field i want to learn from scratch.
>
> I have a Kali Linux to test all rules, please suggest if you have any
> simulator to test our rules or dumb setup to test all things.
>
> Awaiting for your positive response.
>
> Warm Regards,
> Sourabh Singh
>
>
>
> On Sat, Jun 10, 2017 at 12:54 AM, Joel Esler (jesler) <jesler at ...5...>
> wrote:
>
>> You’re going to have to give us some errors or something.  I don’t see
>> how we can troubleshoot your issue with what you have provided.
>>
>>
>> *--*
>> *Joel Esler *| *Talos:* Manager | jesler at ...5...
>>
>>
>>
>>
>>
>>
>> On Jun 8, 2017, at 8:13 AM, Etian Menencia Garcia <etian.menencia at ...161......>
>> wrote:
>>
>> I have serious problems in updating my snort rules, I try with Force
>> Download but still not working, what can I do with it?
>>
>>
>>
>> ------------------------------------------------------------
>> ------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Snort-openappid mailing list
>> Snort-openappid at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/snort-openappid
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20170610/6c36ea53/attachment.html>


More information about the Snort-openappid mailing list