[Snort-users] Snort / Pulled Pork Confusion
peter.bates at ...15381...
Fri Oct 5 03:57:28 EDT 2012
On 05/10/2012 07:38, AllowOverride wrote:
> np, yes it is interesting how barnyard2 is being promoted more than
> oinkmaster. I mean I had to fudge the url from pulledpork.conf to get
> the url to work, prolly losing functionality as I commented out a url or
> two to get it to pull rules. Bottom line, it's bar time devs, and agree
> on something for all these programs to work in tandem with ease not all
> this stress. Maybe that's the intended purpose.. forcing turnkey
> solutions. I'm not one for it all, I will get it to work, but I feel
> sorry for the linux/unix noob to make it all work.
I presume you mean 'pulledpork is being promoted more than oinkmaster'?
The noob should probably be going for SecurityOnion/smooth-sec/redborder.
Learning how all the individual bits go together (Snort, output processor,
rule manager) is just that - learning.
You could argue that Snort could have retained its database plugin and bundled
a rule manager - but you can also see the logic behind them making things modular.
Senior Information Security Officer Phone: +44(0)2076792049
Information Services Division Internal Ext: 32049
University College London
London WC1E 6BT