Snort mailing list archives

Oinkmaster v1.1 questions


From: Rich Adamson <radamson () routers com>
Date: Sat, 25 Dec 2004 12:50:46 -0600


I'm implementing oinkmaster for the first time on a Win32 box with 
snort v2.2.0, and it is updating both snort.org and bleedingsnort.com 
rules. But, as a newbie to oinkmaster, I've got a couple of questions...

1. There seem to be two ways to specify a url for fetching rule
updates. One from the command line with the -u switch, and a second
by specifying the url in the oinkmaster.conf file. Is that a correct
assumption?

2. Can the oinkmaster.conf file contain both URLs (e.g., will both the
snort.org and bleedingsnort.com rules be updated)?

3. Until I get some experience with oinkmaster, I've simply set up a
shortcut on the desktop to execute the perl scripts for updating. When
I'm more comfortable with the results, I'll schedule it via the equiv
of a cron job. It would appear the snort.org rules for v2.2 are not
actually updated on their web site on a regular basis even though 
their file is rebuilt daily. Is that a correct assumption? 

4. What's the proper way to handle bleeding-sid-msg.map file using
oinkmaster? (For now, I manually copy/pasted the contents into the
etc/sid-msg.map file. I'm assuming there is a better way to handle
that via oinkmaster.)

TIA,

Rich



