[Snort-users] Updating questions

Ed Padin ohdamnthathurts at ...131...
Thu Apr 19 12:25:20 EDT 2001

I use lynx to snag Max Vision's arachnids file:

lynx --source http://www.whitehats.com/ids/vision.conf

I grab this using a box that has access to the Internet and distribute it to
my snort boxes throughout the 'enterprise'. I also do other stuff with

- validate file before sending it. The last record is a 'special' record
marking the end of the file so i grep for that.

- check if snort bombs with the new file and revert to previous file, send

- periodically check snort processes and restart if dead

- archive and delete old entries /var/log/snort (soon to be changed to use

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Phil
Sent: Thursday, April 19, 2001 12:02 AM
To: snort users
Subject: [Snort-users] Updating questions

I have 2 questions:
1. I have noticed a lot of people mention that their
rulesets get updated daily and automatically? Is this
througha  plug-in, a cron job? What's the most
efficient way to do this?

2. People have mentioned to me upgrading tot he
snort-daily.tar.gz. That sounds dev-ish/cvs-ish... are
these releases stable or dev releases?


Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices

Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list