[Snort-users] Re: Rule Management for Snort

Alex Pinheiro Machado Rodrigues alex at ...3156...
Tue Feb 26 09:25:03 EST 2002

Hello Mark. If you add "drop" action into your software, it will be useful
while using with hogwash,ok?

----- Original Message -----
From: "Mark Vevers" <mark at ...5096...>
To: <snort-users at lists.sourceforge.net>
Sent: Tuesday, February 26, 2002 12:54 PM
Subject: [Snort-users] Rule Management for Snort


For those of you who use ACID and have alternative monitoring arrangements
to Demarc for your network, but would like centralized rule management
for Snort I have written a small PHP addon - RuleMANagaer for Snort:

Main Features:
    Multiple Sensors with different rule sets (managed by rule group).
    Ruleset merging from latest snort rules or your own rulesets.
    Automatic sensor update and snort-restart.
    Rule Editing and Creation.
    Uses central snort MySQL Database.
    Open Source GPL License.

The software is currently at 0.0.2 alpha stage, but is used in a real live
environment to control a group of sensors.

    URL: http://rman.sourceforge.net
    Project URL : http://sourceforge.net/projects/rman

The next stage is to add variable management and rule filters to allow
sensors to pick up their variables from the db and vary them by
sensor-rulegroup combinations.

If you want to contribute to the project please let me know.  Any comments
etc. welcome.   The more feedback I get the more I'll work on the code!
I hope some people may find it of use.


Mark Vevers

Mark Vevers.    mark at ...5096... / mvevers at ...5097...
Internet Backbone Engineering Team
Internet for Learning, Research Machines Plc
Tel: +44 1235 823380,   Fax: +44 1235 823424

Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list