No subject


Thu Nov 23 16:36:19 EST 2017


be made in the snort.conf file?  Is this how many of you are running 
snort?  
Hence the example in the FAQs:

"./snort -d -h 192.168.1.0/24 -l ./log -c snort.conf
Where snort.conf is the name of your rules file. This will apply the 
rules set in the snort.conf file to each packet to decide if an action 
based upon the rule type in the file should be taken." 

So does this mean any rules should be made directly in the snort.conf 
file? (adding/editing rules etc). Or, can the "snort.conf"  be 
substituted with any rule set you have? 
 (EX: snort -d 172.16.0.9/3 log -c rule_file_here)

I guess I'm confused on what role snort.conf plays in rules.
What exactly should be done to the snort.conf?
Thanks







More information about the Snort-users mailing list