[Snort-sigs] Bleeding snort rules and snortcenter2
wcyoung at ...2584...
Fri Mar 18 07:01:48 EST 2005
-----BEGIN PGP SIGNED MESSAGE-----
at the top of the rule files headers of the snort ruleset you'll notice
a the following line:
# $Id: rulecat.rules
this is how snortcenter parses its rules into categories... there's a
script in the works to fix that (idealy, grab both rulesets, import them
into snortcenter, and update your rulebase accordingly).
for now, while you are importing rules, make sure you add that idtag to
to the top of the file
John Hally wrote:
| Hello All,
| Has anyone integrated the bleeding snort rule sets into snortcenter2?
| I've played around with it a little bit and it seems that it just dumps
| the bleeding rules into the unknown category. I'm curious if others
| have made modifications so that they drop into their own "bleeding'
| categories or merged them into the current categories.
| Thanks in advance!
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs