[Snort-users] Why PulledPork over Oinkmaster

Michael Steele michaels at ...9077...
Wed Sep 26 13:20:00 EDT 2012


Joel,

Is there anything written up on why we should be using PulledPork over
Oinkmaster, or over manually updating?

There may be something on the blog about this? All this should be fairly
easy for JJ to place on the blog, if it's not there?

Kindest regards,
Michael...

-----Original Message-----
From: Joel Esler [mailto:jesler at ...1935...] 
Sent: Wednesday, September 26, 2012 12:29 PM
To: AllowOverride
Cc: snort-users
Subject: Re: [Snort-users] Barnyard2 - v2-1.10 is released

Oinkmaster and barnyard are two different things.

Oinkmaster updates rules.  Barnyard2 processes Snort's output.

On Sep 26, 2012, at 12:26 PM, AllowOverride <allowoverride at ...11827...> wrote:

> Hello Firnsy folks,
> 
> quick question: it's been interesting to exactly how interact barnyard 
> interacts with snort, and curious why it was chosen over oinkmaster as 
> the preferred method. I have noticed that usually if a product is 
> incorporated with another, they would have a basic config file that 
> mirrors the file paths, rather than it be say manually configed inside 
> the conf, or in commandline options when run. So, I wonder if you 
> could pass this to the devs and ask if they can try to make it Easier 
> to install with the snort source attained from snort.org. I mean, they 
> state its preferred now over oinkmaster, however, it its not a 
> seemless install. yes I understand linux/unix FS but for it to be much 
> quicker and easier to install with snort would be great! meaning, 
> paths match the same as the snort-2.9.3.1 for example version.
> 
> also, there is the same issue with pulledpork. paths are all over the 
> place. both snort, and PP, and yes Barnyard2-firnsy the paths can be 
> cumbersome to finagle for first or even 2nd time users.
> 
> just a heads up, it's not simple and takes days especially when trying 
> to auto script snort, PP, and BY to all work together.
> 
> pass this on to a friend, thanks, pete





More information about the Snort-users mailing list