[Snort-users] Dynamic Rules

Bamm Visscher bamm.visscher at ...11827...
Fri Oct 20 15:46:32 EDT 2006


I just started looking at dynamic rules and had a question about
logging. The gen id is hardcoded  to 3 and it appears any alert that
goes thru unfied and barnyard is going to have a msg of "snort dynamic
alert".  Has there been any discussion about creating a map file for
these rules/alerts, or am I missing something?

Also, is there any decent docs out there for compiling these rules?

Bammkkkk



-- 
sguil - The Analyst Console for NSM
http://sguil.sf.net




More information about the Snort-users mailing list