[Snort-users] Latest rule update

Stefan Dens larc at ...1187...
Tue Mar 5 03:34:07 EST 2002


Brian wrote:

>According to User BALGAA System Engineer:
>
>>Hello,
>>
>>How can I to update snort-stable rule sets to latest rule sets?
>>
>
>wget http://www.snort.org/downloads/snortrules.tar.gz
>tar -zxvf snortrules.tar.gz
>cp rules/* /etc/snort/rules # (or wherever your rules exist)
>
>snortrules.tar.gz is updated every 30 minutes from CVS.  Downloading
>this every 30 minutes IS a bit much.  We usually make changes on a
>daily basis.  
>
>If you are looking for a regular update as to what changes are being
>made with the signatures, I would subscribe to the snort-cvs so you
>get up to the moment commit messages.
>
>-brian
>
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
I think that it would be better if there was a file like 
'snortrules.md5' on the snort website, with the latest checksum of the 
cvs-snapshot.
Then my script has just to compare the checksum and not download the 
hole tar.gz file to find out that there wasn't anything changed.

Stefan Dens






More information about the Snort-users mailing list