[Snort-users] Dynamic Rules

Bamm Visscher bamm.visscher at ...11827...
Sun Oct 22 00:49:53 EDT 2006


Thanks, I hadn't seen that. I did compile these rules, but I am not
sure that entry would have been much help. I'll comment more when I
get some time.


Bammkkkk

On 10/20/06, Justin Heath <justin.heath at ...11827...> wrote:
> Check out http://www.snort.org/docs/faq/3Q06/node87.html
>
>
> On 10/20/06, Bamm Visscher < bamm.visscher at ...11827...> wrote:
> >
> > I just started looking at dynamic rules and had a question about
> > logging. The gen id is hardcoded  to 3 and it appears any alert that
> > goes thru unfied and barnyard is going to have a msg of "snort dynamic
> > alert".  Has there been any discussion about creating a map file for
> > these rules/alerts, or am I missing something?
> >
> > Also, is there any decent docs out there for compiling these rules?
> >
> > Bammkkkk
> >
> >
> >
> > --
> > sguil - The Analyst Console for NSM
> > http://sguil.sf.net
> >
> >
> -------------------------------------------------------------------------
> > Using Tomcat but need to do more? Need to support web services, security?
> > Get stuff done quickly with pre-integrated technology to make your job
> easier
> > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> >
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
>
>


-- 
sguil - The Analyst Console for NSM
http://sguil.sf.net




More information about the Snort-users mailing list