Snort mailing list archives
Re: Multiple rulesets with separate sid files.
From: Y M <snort () outlook com>
Date: Tue, 23 Jul 2013 18:20:36 +0300
PulledPork will generate a single sid-msg.map of all the rules or rulesets, unless explicitly specified, i.e: ignoring rules. ________________________________ From: mulhern<mailto:mulhern () gmail com> Sent: 7/23/2013 6:17 PM To: snort user list<mailto:snort-users () lists sourceforge net> Subject: [Snort-users] Multiple rulesets with separate sid files. Rulesets, like community rules or emerging threats rules come packaged with an sid-msg.map file which maps a numeric identifier to something more informative. When downloading multiple rule sets how should these be handled so that they don't conflict and so that Snort or Barnyard is able to find them? Thanks! - mulhern
------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Multiple rulesets with separate sid files. mulhern (Jul 23)
- Re: Multiple rulesets with separate sid files. Peter Bates (Jul 23)
- <Possible follow-ups>
- Re: Multiple rulesets with separate sid files. Y M (Jul 23)