RE: Which rules to use for snort ?

[Ronald Nutter <rnutter () networkref com>]

No reason to use the other.  Just saw another rules set available and that
caused me to ask the question.

-----Original Message-----
From: John Sage
To: Ronald Nutter
Cc: snort-users () lists sourceforge net
Sent: 6/3/02 4:40 PM
Subject: Re: [Snort-users] Which rules to use for snort ?

I would answer your question with another:

Why would you not use the rules that come with the distribution, at
least until you're up and running and understand what's going on?


http://snort.sourcefire.com/about.html

http://snort.sourcefire.com/dl/

http://snort.sourcefire.com/dl/signatures/


What's not to love?



- John
-- 
Warning: time of day goes back, taking countermeasures.

PGP key      http://www.finchhaven.com/pages/gpg_pubkey.html
Fingerprint  FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5




On Sun, Jun 02, 2002 at 03:20:04PM -0400, Ronald Nutter wrote:
> I have recently started using Snort and am now a little confused.  I
know
> about the rules for Snort that are on the Snort web site.  I have also
come
> across rules for Snort on Whitehats.com. Which should I use ?  Is it
> possible to use both ?

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users