Snort mailing list archives
RE: Snort 2.0 rc1 available
From: "McLaughlin, Andrew" <Andrew.McLaughlin () mallesons com>
Date: Mon, 30 Jun 2003 15:30:29 +1000
Apologies as this is not strictly snort related - however when using snortcenter - what is the most effective way to enter config: commands (as manually modifying the snort.conf file does not work very well - see below) Obvioiusly it can't be entered via any of the "Config Types" or "Rules" menus so I am at a loss...unless there is anoother way?? After I manually edit snort.eth0.conf or snort.eth0.conf.good the config: commands are always overwritten when I do a push with updated snort.conf file... I am essentially trying to remove the T/TCP alerts via snortcenter. Running.... -*> Snort! <*- Version 2.0.0 (Build 72) Snortcenter v0.9.6 RH9, ACID, MySQL Thanks, Andy. -----Original Message----- From: Chris Green [mailto:cmg () sourcefire com] Sent: Monday, 31 March 2003 11:56 PM To: Slighter, Tim; Snort Users List Subject: Re: [Snort-users] Snort 2.0 rc1 available "Slighter, Tim" <tslighter () itc nrcs usda gov> writes:
One particular issue I have seen with this new release is that the "config" option in snort.conf do not seem to work.
remove the colons. Was already corrected in CVS.
# Configure the snort decoder: # ============================ # # Stop generic decode events: # # config: disable_decode_alerts # # Stop Alerts on experimental TCP options # # config: disable_tcpopt_experimental_alerts # # Stop Alerts on obsolete TCP options # # config: disable_tcpopt_obsolete_alerts # # Stop Alerts on T/TCP alerts # # config: disable_ttcp_alerts # # Stop Alerts on all other TCPOption type events: # # config: disable_tcpopt_alerts # # Stop Alerts on invalid ip options # config: disable_ipopt_alerts -----Original Message----- From: Bennett Todd [mailto:bet () rahul net] Sent: Thursday, March 27, 2003 10:35 AM To: snort-users () lists sourceforge net; snort-devel () lists sourceforge net Subject: Re: [Snort-users] Snort 2.0 rc1 available Excellent, terrific. So far the only compat problem I've turned up (relative to 1.9.x) is the fix to broken "-s" processing on the cmdline. -Bennett ------------------------------------------------------- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Chris Green <cmg () sourcefire com> You now have 14 minutes to reach minimum safe distance. ------------------------------------------------------- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort 2.0 rc1 available McLaughlin, Andrew (Jun 29)
- RE: Snort 2.0 rc1 available Joerg Weber (Jun 30)