[Snort-users] updating snort rules set

Ian Macdonald secsnort at ...5528...
Wed Aug 7 20:01:02 EDT 2002


I would strongly suggest getting a linux box or your favorite flavour and
using oinkmaster to handle you rule updating. You can mount either a
a folder on the linux box with samba or smbfs if the share is on NT and
copy the rules to you Windows boxen. This will tell you what has been
updated in the rules and makes updating a breaze. I would start snort from
a command line and see what the error is. You can also use the -T or is it
-t command option to just test the config file.

Ian


On Wed, 7 Aug 2002 doswald at ...6357... wrote:

> I have deployed snort on win2k servers and I am trying to install the
> latest snort rules. The way I am doing this is by down loading the latest
> rules file and extracting them to the rules directory. After I do this I
> get an error when I try to restart snort, after I have replaced the old
> rules files snort starts again with no errors. Sooooooo what should I be
> doing that I'm not ? Is there any documentation I can reference ?
>
> Thanks for any assistance you can offer
>
> Dave Oswald
> Network Engineer
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list