[Snort-users] VRT rules policy question

Michael Shirk shirkdog.bsd at ...11827...
Tue Apr 4 12:48:33 EDT 2017


This sounds like a feature that would need to be added. This would also get
complicated if you had ET Pro rules with VRT.

That would be the use case I see for these to be interchangeable or
overridden.

--
Michael Shirk
Daemon Security, Inc.
http://www.daemon-security.com

On Apr 4, 2017 12:46 PM, "Stanford Prescott" <stan.prescott at ...11827...>
wrote:

> When using pulledpork and setting a VRT rules policy like connectivity,
> balanced or security why are emerging threats rules disabled?
>
> After selecting a security policy, if one were to want to return to no
> security policy and re-enable the emerging threats rules, is there a quick
> way to do that using pulledpork?
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>



More information about the Snort-users mailing list