[Snort-sigs] Fwd: Snort rules

Ahmad Hassan ahmedgc0101 at gmail.com
Wed Nov 29 14:59:01 EST 2017


Hi ,

Hope you are doing well .

I have configured snort version 2.9.9.0 on Ubuntu 16.0 on my VMware
workstation . I also installed barnyard2 and BASE . Everything is OK . But
I want to run Snort in IPS mode . I read many articles on internet and
finally i was able to download snort rules from snort official site.
Actually , Snort has only few Drop rules and other rules are in Alert mode
.If i change it in Drop mode, snort runs not.My questions are

How can I come to know snort rules from so and so site and place if i use
will work for me in snort inline mode . ?
Can i use snort as antivirus . ?
which are the snort configured rules in line mode (drop ) by snort
official  to download and from where ?

Thanks for your time and hope you will guide me .

Regards,
Ahmad Hassan .
ahmedgc0101 at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20171130/f883b267/attachment.html>


More information about the Snort-sigs mailing list