Security Basics mailing list archives

RE: Total number of SNORT IDS/IPS Signatures

From: Steve Majot <steve () tcpstream com>
Date: Tue, 10 Mar 2009 10:14:21 -0600

Try something like this:

cd /etc/snort/rules
perl -e '@files = <*.rules>; $sigcount = 0; foreach $file (@files) { open
$sigs, "$file"; while (<$sigs>) { $line = $_; if ($line =~ /sid:\d+;/) {
$sigcount++; }} close $sigs;} print "total: $sigcount\n";'

I don't have a snortbox available at the moment, but I think this should
give you an accurate sig count (not including pre-processors).

Steve

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of praveen_recker () sify com
Sent: Tuesday, March 10, 2009 8:48 AM
To: security-basics () securityfocus com
Subject: Total number of SNORT IDS/IPS Signatures

Hi,

I was googling about total number of SNORT signatures but couldn't find
any. Can anyone tell me what will be the total number of SNORT IDS/IPS
Signatures?
Any links are also welcome

Best Regards,
Praveen Darshanam,
Security Researcher,
INDIA

Current thread:

Total number of SNORT IDS/IPS Signatures praveen_recker (Mar 10)
- Re: Total number of SNORT IDS/IPS Signatures Javier Reyna (Mar 10)
- Re: Total number of SNORT IDS/IPS Signatures Johnny Wong (Mar 11)
- <Possible follow-ups>
- RE: Total number of SNORT IDS/IPS Signatures Steve Majot (Mar 10)