[Snort-sigs] Bleeding snort rules and snortcenter2

Wes Young wcyoung at ...2584...
Fri Mar 18 07:01:48 EST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

yup yup

at the top of the rule files headers of the snort ruleset you'll notice
a the following line:

# $Id: rulecat.rules

this is how snortcenter parses its rules into categories... there's a
script in the works to fix that (idealy, grab both rulesets, import them
into snortcenter, and update your rulebase accordingly).

for now, while you are importing rules, make sure you add that idtag to
to the top of the file

John Hally wrote:
| Hello All,
|
|
|
| Has anyone integrated the bleeding snort rule sets into snortcenter2?
| I've played around with it a little bit and it seems that it just dumps
| the bleeding rules into the unknown category.  I'm curious if others
| have made modifications so that they drop into their own "bleeding'
| categories or merged them into the current categories.
|
|
|
|
|
| Thanks in advance!
|

- --
Wes Young
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCOu0Q1M5o0FsrrbERAuAHAKCLKRUO30dxvkQgkpNk+j1blvwSpACgjzj9
Z0cv89QKHaGUWlPxmDl2ScI=
=YTqo
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list