Snort mailing list archives
Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test:
From: Erek Adams <erek () snort org>
Date: Sat, 5 Jul 2003 15:56:15 -0400 (EDT)
On Sat, 5 Jul 2003, Andre Cameron wrote:
Hmm which GUI do you recommend?
Well, that's the wierd thing. I'm a "do it yourself" and "command line" kinda guy. I manually edit my config files and rulsets, push them out over an encrypted rsync and then use 'root-tail' on my workstation to keep an eye on what's going on. I'm in the process of building a comparision setup for sguil [0] and ACID to see how they compare. As for recommend... I recommend you do it yourself for a bit so that you actually _understand_ what's going on behind the GUI. That way when you have some odd error pop up like this, you'll know that Snort isn't at fault. But that's my opinion, not a rule. If you want the GUI for everything, I'd suggest you try them all. Eventually, you'll find one that works well for you.
I dont use auto blocking because to many false positives can block internal IPs which can have bed results. I just wanted to look into it. I was more interested with a firewall that had a centralized block list so that when I update one it updates all versus manually going through and adjusting all the firewalls.
Then I'd again suggest SnortSam. It integrates well with multiple types of firewalls and is cluefully designed. Pick the firewall that it supports that you know/want to learn.
Thanks for the help:)
No problem. That's the goal of this forum! Cheers! ----- Erek Adams "When things get weird, the weird turn pro." H.S. Thompson [0] http://sguil.sf.net/ ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Andre Cameron (Jul 05)
- Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Erek Adams (Jul 05)
- Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Andre Cameron (Jul 05)
- Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Erek Adams (Jul 05)
- Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Andre Cameron (Jul 05)
- Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Rodrigo Goya (Jul 08)
- Re: ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test: Erek Adams (Jul 05)