[Snort-users] Snorby SBSA

Jefferson, Shawn Shawn.Jefferson at ...14448...
Fri Aug 27 13:15:36 EDT 2010


Not exactly at the same time, but with separate configs... and you need to have your configs setup properly so that pulledpork creates the sid-msg.map by merging the two runs-by specifying the rule files as "local" rule files.

There are a few things that pulledpork does different (and some of them automatically!) than oinkmaster, but once you figure that out, pulledpork is awesome.

-----Original Message-----
From: Joel Esler [mailto:jesler at ...1935...] 
Sent: Friday, August 27, 2010 8:51 AM
To: Christopher A. Libby
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snorby SBSA

Pulledpork will handle both ET and VRT rules at the same time, plus SO. 






More information about the Snort-users mailing list