[Snort-users] update rules
elemint at ...11827...
Fri Mar 3 11:24:00 EST 2006
If my rule path is var RULE_PATH /etc/snort can I just then copy the
numbered rules into the /etc/snort directory and then the new rules will be
What is strange is that the old rules are labeled with a descriptive name
but the new rules have the rule id as the filename.
On 3/2/06, Our World Is Here <info at ...2282...> wrote:
> Review your snort.conf and ensure your rules are enabled and in the
> path as specified in this file.
> How many rules are running with snort?
> Are they the rules you want?
> You may also want to review oinkmaster (...the leader in snort rules
> James Friesen
> > -----Original Message-----
> > From: Jim B
> > Sent: Wednesday, March 01, 2006 7:50 PM
> > To: snort-users at lists.sourceforge.net
> > Subject: [Snort-users] update rules
> > After I download the subscription required rules how to I
> > integrate them into my snort configuration, I have a basic
> > snort config and the rules I have so far are what came with
> > the rpm that I used to install the program.
> > Also how can I be sure that all of the rules are actually
> > being used by snort becuase I am only getting alerts specific to snmp.
> > Jim
> avast! Antivirus <http://www.avast.com> : Outbound message clean.
> Virus Database (VPS): 0609-1, 03/01/2006
> Tested on: 3/2/2006 7:35:52 AM
> avast! - copyright (c) 1988-2005 ALWIL Software.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users