[Snort-users] PulledPork New Snort Categories

JJC cummingsj at ...11827...
Thu Mar 7 14:41:41 EST 2013


^ What they all said :-)

On Thu, Mar 7, 2013 at 11:14 AM, Joel Esler <jesler at ...1935...> wrote:
> That's exactly correct.
>
> J
>
> On Mar 7, 2013, at 8:22 AM, Justin Knox <jknox at ...16001...> wrote:
>
> Hi Tamara,
> My own experience with PulledPork, in that regard, has been that the
> category matches up to the basenames of the rule files in the archive that
> gets downloaded. I haven't seen that documented, but it is working for me.
>
> I'm hoping JJ will respond to clarify. Particularly if I'm wrong - someone
> feel free to correct me!
> --Justin
>
>
> On Thu, Mar 7, 2013 at 7:35 AM, Tamara Fisher <tammi888 at ...11827...> wrote:
>>
>> Hi,
>>
>> I'm using PulledPork for rule management and I'm wondering if the newer
>> categories of rules can be added to the enablesid.conf and what would be the
>> format?
>>
>> I installed the latest version of PulledPork but the README.CATEGORIES
>> refers to the old categories.
>>
>> I'd like to enable categories of rules if possible.
>>
>>
>> Tamara Fisher
>>
>>
>> ------------------------------------------------------------------------------
>> Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
>> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
>> endpoint security space. For insight on selecting the right partner to
>> tackle endpoint security challenges, access the full report.
>> http://p.sf.net/sfu/symantec-dev2dev
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest Snort
>> news!
>
>
> ------------------------------------------------------------------------------
> Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
> endpoint security space. For insight on selecting the right partner to
> tackle endpoint security challenges, access the full report.
> http://p.sf.net/sfu/symantec-dev2dev_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!
>
>
>
> ------------------------------------------------------------------------------
> Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
> endpoint security space. For insight on selecting the right partner to
> tackle endpoint security challenges, access the full report.
> http://p.sf.net/sfu/symantec-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!




More information about the Snort-users mailing list