[Snort-users] How we can identify and remove old signatures?

Joel Esler joel.esler at ...1935...
Sat Jun 16 08:17:09 EDT 2007


What do you mean by 'expired'?  Any rules that Sourcefire has  
superseded or done-away-with are placed in deleted.rules, otherwise  
all rules that are in the current ruleset are for use.



joel esler | security consultant | Sourcefire | pgp  key is public



On Jun 16, 2007, at 2:39 AM, bahamin takhtaei wrote:

> Hi,
> as you know snort has a lot of signatures that some of them are  
> expired now.
> Do you have any idea to identify and remove the expired signatures?  
> (I want to
> decrease the loading time)
>
>
> thank you in advanced,
> Bahamin
>
>
> Be a better Globetrotter. Get better travel answers from someone  
> who knows.
> Yahoo! Answers - Check it out.
> ---------------------------------------------------------------------- 
> ---
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/ 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20070616/b1c7dfbb/attachment.html>


More information about the Snort-users mailing list