[Snort-users] Emerging Threats Rules

Jefferson, Shawn Shawn.Jefferson at ...14448...
Wed Oct 22 19:05:09 EDT 2008


I was wondering what the best method of implementing the Emerging
Threats rules on a snort machine is?  I'm using Snort with MySQL,
Barnyard and BASE.

I've got my snort machine downloading the Emerging Threats rules
every day, and I just put an include for each ET rule file in the
snort.conf file.  Is this the best way to handle it?

Also, I noticed that in BASE, I am not seeing the SID name, and I'm
assuming that is because I am not telling the system to look at the ET
sid.msg file.  What's the best way to deal with that?
