Snort mailing list archives
RE: alert rules, GRAB latest only
From: Erek Adams <erek () theadamsfamily net>
Date: Sun, 9 Dec 2001 10:36:01 -0800 (PST)
On Sun, 9 Dec 2001, Ronneil Camara wrote:
I got my post delivered in a wrong way/sentence. What I wanted was, I would only like to retrieve the latest alerts that were added.
Ummm.... By alerts I'm assuming you really mean rules, as the rules generate the alerts.
I can do that with diff but maybe there is a better way. I tried cvs to sourceforge last night and I got it working but it downloaded all the snort folder. And also, it looks like snort in sourceforge is not being updated. Is it possible to do a cvs to snort.org?
CVS works just fine. Grab the tree once, then it will just yank updates. There's a snort-cvs list that you can join that will give you cvs info msgs when something changes. If you want to stay abreast of new rules/sigs, then join the snort-sigs list. If you're considering using something to 'auto-update' the rules... I'll not start that holy war again, I'll just say IMHO it's a 'Bad Thing(tm)'. :) Cheers! ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- alert rules, GRAB latest only Ronneil Camara (Dec 09)
- <Possible follow-ups>
- RE: alert rules, GRAB latest only Ronneil Camara (Dec 09)
- RE: alert rules, GRAB latest only Erek Adams (Dec 09)