Re: rules downloads and scalability

["Bristol, Gary L." <gbristol () ou edu>]

That's the schedule we use here at OU.

Then we have a script that runs 30 mins later to update all of the sensors. 

-----Original Message-----
From: snort-users-bounces () lists sourceforge net
[mailto:snort-users-bounces () lists sourceforge net] On Behalf Of Paul Schmehl
Sent: Monday, September 18, 2006 10:52 AM
To: Martin Roesch; Eric Hines
Cc: Jason Haar; snort-users () lists sourceforge net
Subject: Re: [Snort-users] rules downloads and scalability

--On Monday, September 18, 2006 11:18:25 -0400 Martin Roesch
<roesch () sourcefire com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> FYI, every once in a while we were getting people who didn't know how 
> to configure cron who were trying to download rule updates every 
> second.  Since we update rules typically on a daily basis at best, 15 
> minutes ought to work pretty well for everyone...
What's wrong with once a day?  Is getting new rules into snort really
*that* critical????

Sheesh.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Attachment: smime.p7s
Description:

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users