[Snort-users] snort configuration

waldo kitty wkitty42 at ...14940...
Thu Feb 13 18:58:39 EST 2014


On 2/2/2014 1:50 PM, priya pat wrote:
> Hello,
> this is cpatel,
> I am new to snort installation for security(monitoring network traffic).
> I am doing snort installation with windows 7 on my localhost.
> I already have snort rules installed on my machine and I have installed snort
> 2.9.5.6 and winpcap 4.1.2
> I need to configure my snort.config file according to those rules.
> How do I step on?

in addition to what michael wrote, you don't configure your snort to any 
specific rule set... you configure your snort how you want/need and then use the 
rules that you need... in some cases, you might want certain rules or rules 
categories (specific rules files) enabled while in other scenarios, you might 
have those categories (files) disabled and others enabled...

setting snort up is one thing... learning about the rules and what they detect 
is a whole other matter ;)

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.




More information about the Snort-users mailing list