[Snort-users] PulledPork New Snort Categories

Joel Esler jesler at ...1935...
Thu Mar 7 13:14:44 EST 2013


That's exactly correct.

J

On Mar 7, 2013, at 8:22 AM, Justin Knox <jknox at ...16001...> wrote:

> Hi Tamara,
> My own experience with PulledPork, in that regard, has been that the category matches up to the basenames of the rule files in the archive that gets downloaded. I haven't seen that documented, but it is working for me.
> 
> I'm hoping JJ will respond to clarify. Particularly if I'm wrong - someone feel free to correct me!
> --Justin
> 
> 
> On Thu, Mar 7, 2013 at 7:35 AM, Tamara Fisher <tammi888 at ...11827...> wrote:
> Hi, 
> 
> I'm using PulledPork for rule management and I'm wondering if the newer categories of rules can be added to the enablesid.conf and what would be the format?
> 
> I installed the latest version of PulledPork but the README.CATEGORIES refers to the old categories. 
> 
> I'd like to enable categories of rules if possible. 
> 
> 
> Tamara Fisher
> 
> ------------------------------------------------------------------------------
> Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
> endpoint security space. For insight on selecting the right partner to
> tackle endpoint security challenges, access the full report.
> http://p.sf.net/sfu/symantec-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
> 
> ------------------------------------------------------------------------------
> Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
> endpoint security space. For insight on selecting the right partner to 
> tackle endpoint security challenges, access the full report. 
> http://p.sf.net/sfu/symantec-dev2dev_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130307/b0277f94/attachment.html>


More information about the Snort-users mailing list