[Snort-users] Updating questions
ohdamnthathurts at ...131...
Thu Apr 19 12:25:20 EDT 2001
I use lynx to snag Max Vision's arachnids file:
lynx --source http://www.whitehats.com/ids/vision.conf
I grab this using a box that has access to the Internet and distribute it to
my snort boxes throughout the 'enterprise'. I also do other stuff with
- validate file before sending it. The last record is a 'special' record
marking the end of the file so i grep for that.
- check if snort bombs with the new file and revert to previous file, send
- periodically check snort processes and restart if dead
- archive and delete old entries /var/log/snort (soon to be changed to use
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Phil
Sent: Thursday, April 19, 2001 12:02 AM
To: snort users
Subject: [Snort-users] Updating questions
I have 2 questions:
1. I have noticed a lot of people mention that their
rulesets get updated daily and automatically? Is this
througha plug-in, a cron job? What's the most
efficient way to do this?
2. People have mentioned to me upgrading tot he
snort-daily.tar.gz. That sounds dev-ish/cvs-ish... are
these releases stable or dev releases?
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users