[Snort-users] Updating questions
bmc at ...312...
Thu Apr 19 09:38:39 EDT 2001
> I have 2 questions:
> 1. I have noticed a lot of people mention that their
> rulesets get updated daily and automatically? Is this
> througha plug-in, a cron job? What's the most
> efficient way to do this?
This is a REALLY stupid thing to do. NEVER automate downloading of new
rulesets. God forbid you downloaded a "broken" ruleset and hose your
system. NEVER NEVER NEVER do that. At the MAXIMUM notify yourself when
new rules are available and do it by hand.
How many times do I have to say this to people? Ever heard of Network
Solutions being absolutely stupid? I have. A number of times. If
someone really wanted to, they could easily rewrote snort.org or
whitehats.com to the mars lunar rover for you to download rules from
> 2. People have mentioned to me upgrading tot he
> snort-daily.tar.gz. That sounds dev-ish/cvs-ish... are
> these releases stable or dev releases?
This version is usually stable. Maybe we should start a current branch
and a stable branch and maintain them both? only put fixes in stable,
new features in current.
More information about the Snort-users