[Snort-users] snort 2.8.6.1 / barnyard2 2-1.8 (unified2) problem

Joel Esler jesler at ...1935...
Fri Aug 27 10:40:54 EDT 2010


On Aug 27, 2010, at 9:54 AM, "Lawrence R. Hughes, Sr." <lhughes at ...14822...> wrote:

> We think Barnyard2 is not at fault, and  the  snort sid-msg.map and rules are the problem.

Barnyard2 isn't reading the correct sid-msg.map file. 

You need to use either pulledpork or the create-sidmsg.pl file that comes with oinkmaster to make this file. 
I suggest the former.  


>  
> Are we thinking in the correct direction?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100827/0a65a7ca/attachment.html>


More information about the Snort-users mailing list