Snort mailing list archives
oinkmaster
From: Nicholas Bernstein <nick () docmagic com>
Date: Wed, 03 Dec 2003 13:23:18 -0800
It seems that oinkmaster.pl decided it's running with the -e option, as it is enabling all of the rules that I disable. As you can imagine, this makes for a *lot* of that snort it picking up, and generally makes maintenance a nightmare. I use includes in my snort.cf (i.e. include bad-traffic.rules). I'm running it as "/usr/local/bin/oinkmaster.pl -q -b /etc/snort.last/ -o /etc/snort/" is there something I'm doing wrong? Thanks! Nick -- +---------------------------------------------------------------+ | Nicholas Bernstein | nick () docmagic com | | UNIX Systems Administrator | http://www.docmagic.com | | Document Systems Inc. | | | gpg: F706 8C4E 78FA DDDD 53A0 019F D983 FE28 2002 D1F3 | +---------------------------------------------------------------+
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- oinkmaster Nicholas Bernstein (Dec 03)
- Re: oinkmaster Andreas Östling (Dec 03)
- <Possible follow-ups>
- re: oinkmaster adam_peterson (Dec 03)