[Snort-sigs] Rule format anomaly for sid 1024 & 1809
bmc at ...95...
Sat Apr 3 12:13:05 EST 2004
On Sat, Apr 03, 2004 at 08:46:41PM +0200, Sean Wheeler wrote:
> All you regex gurus see below ...got a solution to having the below and
> resolving the above ?
Some people, when confronted with a problem, think ``I know, I'll use
regular expressions.'' Now they have two problems.
Blessed are they that use CPAN, for exceedingly large shall be the
number of wheels that they do not re-invent.
If you are trying to parse the rules, try not to re-invent the wheel.
Grab Net::Snort::Parser from http://www.shmoo.com/~bmc/software/snortconfig/
(Its going to be in CPAN shortly :P)
More information about the Snort-sigs