Snort mailing list archives
Re: Snorby SBSA
From: Joel Esler <jesler () sourcefire com>
Date: Fri, 27 Aug 2010 11:51:12 -0400
Pulledpork will handle both ET and VRT rules at the same time, plus SO. Sent from my iPhone On Aug 27, 2010, at 11:37 AM, "Christopher A. Libby" <clibby () mainepublicservice com> wrote:
I've been using the Snorby SBSA for a few days now, and I must say I really like the interface and the easy setup. I do have a few issues that I'd like to manually resolve if anyone has any suggestions. First, I'd like to be able to utilized SO rules but Oinkmaster doesn't handle them. I've looked at Pulled Pork on a previous incarnation of this machine but I wasn't very successful in getting it to work with both VRT and ET rules. Any suggestions on what else I could use? Second, the snort init script simply starts snort - it doesn't allow for start/stop/restart. I'd like to just restart snort to reload the rules, but one process gets stuck (no permission to the PID file) so I have to reboot the server. Does anyone have a good Debian init script for snort? Thanks! - Chris ------------------------------------------------------------------------------ Sell apps to millions through the Intel(R) Atom(Tm) Developer Program Be part of this innovative community and reach millions of netbook users worldwide. Take advantage of special opportunities to increase revenue and speed time-to-market. Join now, and jumpstart your future. http://p.sf.net/sfu/intel-atom-d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Sell apps to millions through the Intel(R) Atom(Tm) Developer Program Be part of this innovative community and reach millions of netbook users worldwide. Take advantage of special opportunities to increase revenue and speed time-to-market. Join now, and jumpstart your future. http://p.sf.net/sfu/intel-atom-d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snorby SBSA Christopher A. Libby (Aug 27)
- Re: Snorby SBSA Joel Esler (Aug 27)
- Re: Snorby SBSA Jefferson, Shawn (Aug 27)
- Re: Snorby SBSA JJ Cummings (Aug 27)
- Re: Snorby SBSA Jefferson, Shawn (Aug 27)
- Re: Snorby SBSA Castle, Shane (Aug 27)
- Re: Snorby SBSA JJ Cummings (Aug 27)
- Re: Snorby SBSA Castle, Shane (Aug 27)
- Re: Snorby SBSA beenph (Aug 27)
- Re: Snorby SBSA waldo kitty (Aug 27)
- Re: Snorby SBSA JJ Cummings (Aug 27)
- Re: Snorby SBSA Joel Esler (Aug 27)