Snort mailing list archives
Rule management
From: "Jason Lewis" <jlewis () packetnexus com>
Date: Tue, 27 Nov 2001 06:33:37 -0500
I was thinking about all the requests for automatic rule updates. I think this stems from the anti-virus auto update features. The thinking is....the more up to date the sigs are, the better off you are. What we really need is a rule management tool. IDScenter does some of this, but it runs on Win2k. (You can manage linux sensors too) Is anyone updating a master rule list and pushing updates to sensors? I have tossed around different ideas for doing this and thought maybe I could get some feedback here. I was thinking a directory structure that had folders for each sensor and rules were updated automatically via scp. Thoughts? Jason Lewis http://www.packetnexus.com It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rule management Jason Lewis (Nov 27)
- RE: Rule management Jeff Dell (Nov 27)
- RE: Rule management Jason Lewis (Nov 27)
- RE: Rule management Jeff Dell (Nov 27)
- Re: Rule management Michael Boman (Nov 27)
- Re: Snort Wizard comming soon! Alex Rodrigues (Nov 27)
- Re: Re: Snort Wizard comming soon! Guillaume (Nov 27)
- Re: Snort Wizard comming soon! Alex Rodrigues (Nov 27)
- RE: Rule management Jason Lewis (Nov 27)
- RE: Rule management Jeff Dell (Nov 27)