[Snort-users] Do you prefer the snort.conf from the source or rule-set?

sog1024 sog1024 at ...14692...
Mon Nov 2 09:50:31 EST 2009


Hello,

I`m using snort in a lab for a couple months now in combination whit Base
and NSM.

During this periode, i have a few simple questions. I`m currios how other
snort-user solve this.

When i`m updating the rules on my snort-sensor. I`m  rewriting my snort.conf
file. Mainly because , there is an new snort.conf file whit every rule
delivery. What are your opinion about this? Are you using the snort.conf
file from the rules or form the snort delivery?

Secondly.  I can not find an version number in the rule sets. currently.
I`m setting the release date in the rules tar file before deploying. How do
you keep track of rule sets?

Best Reguards,

Sog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20091102/d35d821c/attachment.html>


More information about the Snort-users mailing list