[Snort-users] snort and snort-rules/ET alerts

Keith Pachulski keith.pachulski at ...17691...
Fri Dec 2 14:44:24 EST 2016


Pulledpork Cronjob
0 0 * * * /home/snort/pulledpork/pulledpork.pl -c /home/snort/pulledpork/etc/pulledpork.conf

Pulledpork Config
rule_url=https://www.snort.org/rules/|snortrules-snapshot.tar.gz|<>
rule_url=http://talosintelligence.com/feeds/ip-filter.blf|IPBLACKLIST|open
ignore=deleted.rules,experimental.rules
temp_path=/tmp
rule_path=/home/snort/rules/snort.rules
local_rules=/home/snort/rules/local.rules
sid_msg=/home/snort/rules/etc/sid-msg.map
sid_msg_version=1
sid_changelog=/home/snort/rules/pullpork-sid_changes.log
sorule_path=/usr/local/lib/snort_dynamicrules/
snort_path=/usr/local/bin/snort
config_path=/home/snort/rules/snort.conf
distro=Ubuntu-12-04
black_list=/home/snort/rules/black_list.rules
IPRVersion=/home/snort/rules/iplists


This message (including any attachments) is intended only for
the use of the individual or entity to which it is addressed and
may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product.
If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20161202/4fa7c63b/attachment.html>


More information about the Snort-users mailing list