[Snort-users] Inputs about polman for managing rules

carlopmart carlopmart at ...11827...
Fri Apr 8 05:27:26 EDT 2011


Hi all,

  After some weeks of tests using pulledpork, I am not convinced. After 
searching another posibilities, I have found two: oinkmaster and polman 
(http://www.gamelinux.org/?p=240)

  Oinkmaster is too old and needs some tunning to make all I need and 
that causes difficulties to maintain.

  On the other side, Polman offers some very interesting features, but I 
see a problem: I need to keep two databases for different sensors 
(suricata and snort), hosted in shared storage accessible by two 
servers. Looking at the script, is enough to modify the path which 
polman search these databases?

  And any input about this tool??

  Thanks.

-- 
CL Martinez
carlopmart {at} gmail {d0t} com




More information about the Snort-users mailing list