Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Why PulledPork over Oinkmaster

From: "Michael Steele" <michaels () winsnort com>
Date: Wed, 26 Sep 2012 13:20:00 -0400
Joel,

Is there anything written up on why we should be using PulledPork over
Oinkmaster, or over manually updating?

There may be something on the blog about this? All this should be fairly
easy for JJ to place on the blog, if it's not there?

Kindest regards,
Michael...

-----Original Message-----
From: Joel Esler [mailto:jesler () sourcefire com] 
Sent: Wednesday, September 26, 2012 12:29 PM
To: AllowOverride
Cc: snort-users
Subject: Re: [Snort-users] Barnyard2 - v2-1.10 is released

Oinkmaster and barnyard are two different things.

Oinkmaster updates rules.  Barnyard2 processes Snort's output.

On Sep 26, 2012, at 12:26 PM, AllowOverride <allowoverride () gmail com> wrote:


Hello Firnsy folks,

quick question: it's been interesting to exactly how interact barnyard 
interacts with snort, and curious why it was chosen over oinkmaster as 
the preferred method. I have noticed that usually if a product is 
incorporated with another, they would have a basic config file that 
mirrors the file paths, rather than it be say manually configed inside 
the conf, or in commandline options when run. So, I wonder if you 
could pass this to the devs and ask if they can try to make it Easier 
to install with the snort source attained from snort.org. I mean, they 
state its preferred now over oinkmaster, however, it its not a 
seemless install. yes I understand linux/unix FS but for it to be much 
quicker and easier to install with snort would be great! meaning, 
paths match the same as the snort-2.9.3.1 for example version.

also, there is the same issue with pulledpork. paths are all over the 
place. both snort, and PP, and yes Barnyard2-firnsy the paths can be 
cumbersome to finagle for first or even 2nd time users.

just a heads up, it's not simple and takes days especially when trying 
to auto script snort, PP, and BY to all work together.

pass this on to a friend, thanks, pete



------------------------------------------------------------------------------
How fast is your code?
3 out of 4 devs don\\\'t know how their code performs in production.
Find out how slow your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219672;13503038;z?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: