[Snort-users] Pulled Pork
cummingsj at ...11827...
Tue Oct 30 09:58:54 EDT 2012
Pulledpork is free, just like snort itself.
Sent from the iRoad
On Oct 30, 2012, at 3:14, Peter Bates <peter.bates at ...15381...> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hello all
> On 30/10/2012 08:49, k vijay sai prashanth wrote:
>> So basically there is a 30 day trial during which you can only update the
>> rules once 15 minutes? Isn't that a reasonable enough amount of time? How
>> much is small amount that you are referring to? I wanted to install
>> PulledPork for the IDS installed for my organization. Is this an annual
> You might be best looking at:
> In a nutshell - you can register for an account on snort.org, get an 'oinkcode'
> and then download the rules for free - but they will be 30 days behind.
> The paid subscription gives you access to the rules when they are released.
>> Also about installing a front-end for my snort. What is the ideal
>> database architecture when dealing with multiple sensors. Does each sensor
>> have its own database or do all the sensors log events to a common database
>> server on which the front-end software [like snorby or aanval] is installed
>> or is there any other way this is implemented.
> The latter makes more sense - have Snort write unified2 logfiles, then use Barnyard2
> to write to your database.
> It's important to set unique values for your sensors - if they're on different hosts
> then the hostname will be used but if you have multiple instances running on the same host
> you probably need to look at the -i option for Barnyard2.
> - --
> Peter Bates
> Senior Information Security Officer Phone: +44(0)2076792049
> Information Services Division Internal Ext: 32049
> University College London
> London WC1E 6BT
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (MingW32)
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
> -----END PGP SIGNATURE-----
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
More information about the Snort-users