[Snort-users] Brief Description of Rule Sets

Joel Esler jesler at ...1935...
Tue Nov 22 16:41:55 EST 2011


Enrico,

We encourage the use of the "policy" feature in PulledPork.  This allows you to choose a default policy to start with.  We deal more with this in mind than we do with "on" or "off".

Plus, this changes a couple times a week when we release a rule pack.

J

On Nov 22, 2011, at 12:23 PM, Enrico wrote:

> yes, we would like an updated description on the rule categories too!
> moreover it would be nice to include the default number of active rules for each category,
> to avoid that one enables a rule set and then finds out that all the SID are commented out....
> 
> On 11/18/2011 04:35 PM, Joel Esler wrote:
>> Description of what our categories mean?
>> 
>> Sent from my iPhone
>> 
>> On Nov 18, 2011, at 10:26 AM, Bill Pickens<wmpickens at ...11827...>  wrote:
>> 
>>> I have an old Snort and IDS tools book  published in 2004 that has a chapter with a brief description of the rules sets.
>>> 
>>> Does anyone know where I can find a updated list. Is one kept?
>>> It will save some time on training I must do.
>>> 
>>> Thanks
>>> 
>>> 





More information about the Snort-users mailing list