[Snort-sigs] Bleeding snort rules and snortcenter2
JHally at ...1106...
Sun Mar 20 12:21:27 EST 2005
What file is this in, I can't seem to locate it.
From: Wes Young [mailto:wcyoung at ...2584...]
Sent: Friday, March 18, 2005 10:01 AM
To: John Hally
Cc: snort-sigs at lists.sourceforge.net
Subject: Re: [Snort-sigs] Bleeding snort rules and snortcenter2
-----BEGIN PGP SIGNED MESSAGE-----
at the top of the rule files headers of the snort ruleset you'll notice
a the following line:
# $Id: rulecat.rules
this is how snortcenter parses its rules into categories... there's a
script in the works to fix that (idealy, grab both rulesets, import them
into snortcenter, and update your rulebase accordingly).
for now, while you are importing rules, make sure you add that idtag to
to the top of the file
John Hally wrote:
| Hello All,
| Has anyone integrated the bleeding snort rule sets into snortcenter2?
| I've played around with it a little bit and it seems that it just dumps
| the bleeding rules into the unknown category. I'm curious if others
| have made modifications so that they drop into their own "bleeding'
| categories or merged them into the current categories.
| Thanks in advance!
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs