[Snort-sigs] update of snort rules with pcre

Frank Knobbe frank at ...1978...
Fri Oct 24 21:25:19 EDT 2003


On Thu, 2003-10-23 at 03:25, Martin Olsson wrote:
> I hear you're talking about checking out rules via CVS instead of
> downloading the tar.gz.
> 
> Two questions:
> 
> 1. Are the rules in CVS more frequently updated than the stable.tar.gz, or
>    is the tar-file automaticly created from CVS every day?

Sorry, I don't have the answer for that, but I thought the tar was
rolled from CVS daily. 

Brian?

> 2. What is the best command to download only the rules, not the entire
>    snort distribution from CVS? (http://www.snort.org/source.html only
>    state how to download the entire thing)

You need two directories, rules and etc (for the sid files). Following
command would work:

# cvs -d :pserver:anonymous at cvs.snort.sourceforge.net:/cvsroot/snort co
-r SNORT_2_0 snort/etc snort/rules

Then just use a script to move/copy the rules and the pertinent files
from etc (i.e. sid-msg.map) into your production Snort dir. Note that
above will check out 2.0 rules, not HEAD :)

Hope this helps,
Frank


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20031024/b11f6c72/attachment-0001.sig>


More information about the Snort-sigs mailing list