[Snort-users] Broken snort rule

Matt Olney molney at ...1935...
Tue Oct 7 14:36:51 EDT 2008


Actually, in snort 2.8.3.3, the -x control:

-x         Exit if Snort configuration problems occur

will fail out on many common rule problems.   For example, duplicate sids.

Matt

On Tue, Oct 7, 2008 at 2:30 PM, Paul Schmehl <pauls at ...6838...> wrote:

> --On Tuesday, October 07, 2008 11:48:45 -0500 Matt Jonkman <
> jonkman at ...4024...> wrote:
>
>
>> Cool, I had stopped testing of the autogenerated rules because it didn't
>> seem to be of much use. Will turn that back on.
>>
>> Is there an easy way to parse the other rules though for more subtle
>> errors? Or force verbosity to get it to tell us about rules ignored?
>>
>>
> does # snort -Tvvvvvv not do the trick?
>
> --
> Paul Schmehl (pauls at ...6838...)
> Senior Information Security Analyst
> The University of Texas at Dallas
> http://www.utdallas.edu/ir/security/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20081007/07c2d5c1/attachment.html>


More information about the Snort-users mailing list