[Snort-users] doc/signature files in Snort-184.108.40.206
nhoughton at ...1935...
Wed Apr 27 20:48:45 EDT 2011
On Wed, 27 Apr 2011 23:13:49 +0000, Zultan wrote:
> ----- Original Message -----
>> From: Nigel Houghton
>> Sent: 04/27/11 05:39 PM
>> To: Dheeraj Gupta
>> Subject: Re: [Snort-users] doc/signature files in Snort-220.127.116.11
>> On Wed, 27 Apr 2011 18:05:14 +0200, Dheeraj Gupta wrote:
>>> I have recently upgraded from Snort 18.104.22.168 to 22.214.171.124. Previously
>>> snort installation had a directory
>>> /snort_install_path/etc/doc/signatures (or something of that sort)
>>> which listed .txt files for all the signatures giving details of the
>>> signature like Affected Systems, Ease of Attack, References, False
>>> Positives etc. However, in the 126.96.36.199 installation I could not find
>>> those files. Have they been removed? I had written a program that
>>> used information contained in those files to extract affected systems
>>> information and verify the alerts. How should I source that
>>> information from current snort installation
>> You can find them at:
>> Where it says "Rule Documentation"
> Is there a command line URL for that?
> "http://www.snort.org/downloads/885" is subject to change, it is not?
Apparently, I did have to do the mailing list search after all:
SF VRT Department of Intelligence Excellence
http://vrt-blog.snort.org/ && http://labs.snort.org/
More information about the Snort-users