[Snort-users] Snorby SBSA
Shawn.Jefferson at ...14448...
Fri Aug 27 13:15:36 EDT 2010
Not exactly at the same time, but with separate configs... and you need to have your configs setup properly so that pulledpork creates the sid-msg.map by merging the two runs-by specifying the rule files as "local" rule files.
There are a few things that pulledpork does different (and some of them automatically!) than oinkmaster, but once you figure that out, pulledpork is awesome.
From: Joel Esler [mailto:jesler at ...1935...]
Sent: Friday, August 27, 2010 8:51 AM
To: Christopher A. Libby
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snorby SBSA
Pulledpork will handle both ET and VRT rules at the same time, plus SO.
More information about the Snort-users