[Snort-users] snort.conf differences in Snort

Y M snort at ...15979...
Fri Apr 8 03:30:20 EDT 2016

Hello all,

snort.conf in the Snort tarball is not in sync with the snort.conf at https://www.snort.org/documents/snort-2982-conf. Of importance, the differences involve ports definitions, rules inclusion, and preprocessor configurations. The major differences are posted below. Which conf file to go by?

1. snort.conf in snort- contains the legacy dynamic libraries only. It does not include the new ones as defined in this blog post: http://blog.snort.org/2014/08/snort-subscriber-ruleset-re.html.<http://blog.snort.org/2014/08/snort-subscriber-ruleset-re.html>


3. normalize_tcp options

4. stream5_tcp options and ports

5. http_inspect_server ports

6. ssl preprocessor ports

7. rules files inclusion.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20160408/e5322c07/attachment.html>

More information about the Snort-users mailing list