Security Basics mailing list archives
RE: Total number of SNORT IDS/IPS Signatures
From: Steve Majot <steve () tcpstream com>
Date: Tue, 10 Mar 2009 10:14:21 -0600
Try something like this: cd /etc/snort/rules perl -e '@files = <*.rules>; $sigcount = 0; foreach $file (@files) { open $sigs, "$file"; while (<$sigs>) { $line = $_; if ($line =~ /sid:\d+;/) { $sigcount++; }} close $sigs;} print "total: $sigcount\n";' I don't have a snortbox available at the moment, but I think this should give you an accurate sig count (not including pre-processors). Steve -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of praveen_recker () sify com Sent: Tuesday, March 10, 2009 8:48 AM To: security-basics () securityfocus com Subject: Total number of SNORT IDS/IPS Signatures Hi, I was googling about total number of SNORT signatures but couldn't find any. Can anyone tell me what will be the total number of SNORT IDS/IPS Signatures? Any links are also welcome Best Regards, Praveen Darshanam, Security Researcher, INDIA
Current thread:
- Total number of SNORT IDS/IPS Signatures praveen_recker (Mar 10)
- Re: Total number of SNORT IDS/IPS Signatures Javier Reyna (Mar 10)
- Re: Total number of SNORT IDS/IPS Signatures Johnny Wong (Mar 11)
- <Possible follow-ups>
- RE: Total number of SNORT IDS/IPS Signatures Steve Majot (Mar 10)