First Previous Next Last         Home

UUASC Snort/Acid Presentation - Keeping up to date

Slide 33

Note blockquote> Rules are available for 2.0, 2.1, 2.2, and cvs -STABLE http://www.snort.org/dl/rules/

+ http://www.snort.org/dl/rules/snortrules-snapshot-CURRENT.tar.gz
+ http://www.snort.org/dl/rules/snortrules-snapshot-2_2.tar.gz
+ http://www.snort.org/dl/rules/snortrules-snapshot-2_1.tar.gz
+ http://www.snort.org/dl/rules/snortrules-snapshot-2_0.tar.gz

Before running oinkmaster, you are going to want to run maksesidex.pl giving it the directory, with the snort (rules) directory as an argument. This should be appended to your oinkmaster.conf. Generally a good way to do this is to make a script that copies a an "original" oinkmaster.conf, one w/o any disabled rules on it, and then append it to the new file, and run oinkmaster pointing at that.
Created on Wednesday 30 June 2004 by Nicholas Bernstein with KPresenter