[Snort-users] snort 1.8.1 and vision18.rules and mysql

Jeff Dell jdell at ...1095...
Mon Sep 3 07:29:15 EDT 2001


The problem that you are having with the first issues is that you are
trying to use classifications from both rule sets. Unfortuneatly they
are not using the same classifications and priority settings.

I wrote a Windows 2000 application that merges the two rule sets
together and cleans up some of the differences between them. It is
called IDS Policy Manager and you can download it at www.activeworx.com.
If you start out with the official rule set, this app makes it easy to
merge in new official rules and new whitehat rules when they come out. 

Jeff

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Poppi,
Sandro
Sent: Monday, September 03, 2001 10:03 AM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] snort 1.8.1 and vision18.rules and mysql


I updated from snort 1.7 to 1.8.1 and am using vision18.rules from
www.whitehats.com. When starting snort I get weird errors saying "Bad
priority setting ..." over and over for vision18.rules. Disabling it in
snort.conf resolves this but I would like to use them. Any hints?

A second prob I have is with mysql: Since I'm no database guru I don't
know how to upgrade the existing snort 1.7 database to 1.8.1 using the
create_mysql. Running it on the existing db gives me error messages
about existing tables (which is ok I know). Did anyone on the list
already upgrade the db and could send me how?

TIA

Regards,
Sandro Poppi


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list