[Snort-users] Extracting snortrules-2931.tar.gz

AllowOverride allowoverride at ...11827...
Tue Oct 9 21:01:06 EDT 2012


good points. dually noted. thanks pete

On Tue, 2012-10-09 at 21:28 +0100, Peter Bates wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> Hello all
> 
> On 09/10/2012 21:02, Jeremy Hoel wrote:
> > When you try and use examples you have to expect and realize that
> > the example might be out of date and maybe try and figure out what
> > it might take to make it work.
> 
> I can see both sides of the argument here - I do side with encouraging
> people to solve their own problems but in the case of
> 
> http://snort.org/snort-rules/cli
> 
> there's no real reason for it reflecting out of date information
> or for not offering a better example of how to construct 'filename'
> 
> A wider issue is that if the Snort source tarball contained some
> example rules (or a sample local.rules and then commented out all the
> others included by default) it might be easier for the beginner.
> 
> But then of course, there's Pulledpork and SecurityOnion,
> and if IT was easy then I'd be out of a job.
> 
> - -- 
> Peter Bates
> Senior Computer Security Officer    Phone: +44(0)2076792049
> Information Services Division	    Internal Ext: 32049
> University College London
> London WC1E 6BT
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (Darwin)
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
> 
> iQEcBAEBAgAGBQJQdIjSAAoJELhVoVpEMS6R2qgH/jB1ST78+DE5WPc7pfl8eyTp
> DXPCNImg+b6E8znDcVsuriYM/bPd38rlnALykuXwhkcnepDdSV2MN2GGQDrkS9sB
> /+DEhQBUCnNdL3Sr5fBh9wgstyMH3eck1x9HuZZt1/xkaKHyLsxhTs/lM25CsXbu
> Ys14uEhXJdnof/7KhgBJpRNsydL9Ct3CDWg8n+67E1Cdn9niA+9AymtBm6H/jPre
> v8TcI7+asnc4vsv6HuuTHXhrOWjfuMTpJegXGRWkHy7+PjcEtRNjjwZ98kKBlczR
> O7DOTaOMoLuHbkTn9eqlslaQPwjcPDDHGs6efqk8NHPdRzOY1qh1JCaRN6wJjvY=
> =bTaV
> -----END PGP SIGNATURE-----
> 
> 
> ------------------------------------------------------------------------------
> Don't let slow site performance ruin your business. Deploy New Relic APM
> Deploy New Relic app performance management and know exactly
> what is happening inside your Ruby, Python, PHP, Java, and .NET app
> Try New Relic at no cost today and get our sweet Data Nerd shirt too!
> http://p.sf.net/sfu/newrelic-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!





More information about the Snort-users mailing list