[Snort-users] update via oinkmaster

Joel Esler jesler at ...1935...
Fri Dec 9 10:50:47 EST 2011


On Dec 9, 2011, at 10:45 AM, PAURON, GUILLAUME (GUILLAUME) wrote:

> I want to update my sigs, not snort of course :)
> 
> I am trying to get some rules from snort.org but it seems that when I try to dl the rules I am redirected to some hosts on others domains (I told sourceforge but this was an example).
> 

Updating sigs is easy, generate your oinkcode, and place your oinkcode into your oinkmaster.conf, and go..  However, it should /never/ go to sourceforge.  Our rules are hosted on Amazon's S3 cloud. 

The only thing we have on sourceforge is for FreeBSD's port structure.  That's why I asked you if you were running FreeBSD.


> I am trying to work with "whitelists" (snort.org, etc), so this is currently not working :(
> 

What whitelist are you referring to?  

> Maybe I am mal-using oinkmaster too :)

I think we are just basically confused. 

Please explain what you are trying to do, the command you are running, the .conf file that you are using, and the output from the command.

J

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4795 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20111209/6055b0bd/attachment.bin>


More information about the Snort-users mailing list