[Snort-users] Snort / Pulled Pork Confusion

Peter Bates peter.bates at ...15381...
Fri Oct 5 03:57:28 EDT 2012


On 05/10/2012 07:38, AllowOverride wrote:
> np, yes it's interesting how barnyard2 is being promoted more than
> oinkmaster. I mean I had to fudge the url from pulledpork.conf to get
> the url to work, prolly losing functionality as I commented out a url or
> two to get it to pull rules. bottom line, it's bar time devs, and agree
> on something for all these programs to work in tandem with ease not all
> this stress. maybe that's the intended purpose.. forcing turnkey
> solutions. I'm not one for it all, I will get it to work, but I feel
> sorry for the linux/unix noob to make it all work.

I presume you mean 'pulledpork is being promoted more than oinkmaster'?

The noob should probably be going for SecurityOnion/smooth-sec/redborder.

Learning how all the individual bits go together (Snort, output processor,
rule manager) is just that - learning.

You could argue that Snort could have retained its database plugin and bundled
a rule manager - but you can also see the logic behind them making things modular.

-- 
Peter Bates
Senior Information Security Officer   Phone: +44(0)2076792049
Information Services Division	      Internal Ext: 32049
University College London
London WC1E 6BT