Snort mailing list archives
Re: Rules2C source code?
From: "Mario D. Santana" <mds () mariosantana net>
Date: Fri, 23 Jul 2010 14:36:24 -0400
Ah, OK. It's just that we'd like to use SO rules to obfuscate rules that we need to keep very close to our chest. Uploading those rules to a web page (even a web page made by SourceFire) runs somewhat counter to the whole principle. No worries, though. Like I said, the Rules2C tool is really useful for learning how SO rules work, and there are lots of options for us now. Thanks again, and we'll see you at DefCon to hear about Razorback! On Fri, Jul 23, 2010 at 12:16 PM, Matt Watchinski < mwatchinski () sourcefire com> wrote:
The source for Rules2C is not currently available, is there something we could add to the web interface to improve your experience? Cheers, -matt On Thu, Jul 22, 2010 at 10:57 AM, Mario D. Santana <mds () mariosantana net> wrote:First, thanks for the Rules2C tool, it's lowered the bar to create SOrulesand learn how they work, so that it's feasible to play with SO rules now. Second, is the source for Rules2C available? I have to end up using ittocreate generic rules, and then modify them by hand, even when the toolfullysupports what I want to do...------------------------------------------------------------------------------This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- Matthew Watchinski Sr. Director Vulnerability Research Team (VRT) Sourcefire, Inc. Office: 410-423-1928 http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rules2C source code? Mario D. Santana (Jul 22)
- Re: Rules2C source code? Matt Watchinski (Jul 23)
- Re: Rules2C source code? Mario D. Santana (Jul 23)
- Re: Rules2C source code? Matt Watchinski (Jul 23)