[Snort-sigs] snortcenter2 and updates of bleeding snort rulesets

Wes Young wcyoung at ...2584...
Thu Jan 13 07:02:17 EST 2005


As of now, Bleeding doesn't work with SC2...

The file format of Bleeding is slightly different from the standard one (when it comes to
parsing and categorizing the rules in SC2). I know Jason emailed the
guys at Bleeding, but I'm not sure if he got a response yet... Waiting
on what they have to say before re-coding part of SC2 to work with Bleeding.

A workaround for right now:

2 ways:
	1. Copy and paste the rule in with the following line at the top:
		 $Id: bleeding-file.rules
		 alert....
	2. Extract all the rule files to a local folder, add that line to
	   the top of each file and upload them.

Jason, you heard back from Matt yet?

Brandon Rodak wrote:
| Hello all:
|
| I have just completed a basic integration of the patched Snortcenter2
| and base (an ACID fork) to work with Snort 2.3.0RC1. I have the current
| snort rulesets managed through the "Update from Internet" feature (as
| well as cron.)
|
| My question is: Has anyone been able to add the ability to grab the
| latest, greatest Bleeding Snort rules to import into the Snortcenter2
| generated snort.conf?
|
| Is oinkmaster a possibility, and if so how does it work with the custom
| generated snort.conf of snortcenter2?
|
| Thanks for any and all help -
| Brandon

- --
Wes Young
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html
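
Workaround 2 above, scripted, as an added example that is not part of the original post or of SnortCenter: it prepends the `$Id:` line to every `.rules` file in a local folder and skips files that already start with one. Using each file's own name in that line is an assumption; the post only shows `bleeding-file.rules`.

```shell
#!/bin/sh
# Added example (not from the original post): tag rule files before upload.
# Assumption: the name after "$Id:" is the rule file's own base name.

# add_id_line FILE
# Prepend "$Id: <basename>" unless the first line already starts with "$Id:".
add_id_line() {
    file=$1
    [ -f "$file" ] || return 1
    first=$(head -n 1 "$file")
    case $first in
        '$Id:'*) return 0 ;;    # already tagged, so a second run changes nothing
    esac
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    # Build the new content in a temp file, then write it back in place so the
    # original file keeps its owner and permissions.
    if { printf '$Id: %s\n' "$(basename "$file")"; cat "$file"; } > "$tmp" &&
       cat "$tmp" > "$file"; then
        rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# tag_rules_dir DIR
# Apply add_id_line to every *.rules file directly inside DIR.
tag_rules_dir() {
    dir=$1
    for f in "$dir"/*.rules; do
        [ -e "$f" ] || continue    # no match leaves the glob literal; skip it
        add_id_line "$f" || return 1
    done
}

# Run as a script: sh tag-rules.sh /path/to/extracted/rules
if [ "$#" -gt 0 ]; then
    tag_rules_dir "$1"
fi
```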