Full Disclosure mailing list archives
Re: Snort as IDS/IPS in mission-critical enterprisenetwork
From: Michael Holstein <michael.holstein () csuohio edu>
Date: Fri, 09 Dec 2005 14:28:48 -0500
You, too, can be replaced by a small shell script. :)
Add the -T switch to your shellscript and test *before* you HUP snort.I was just telling the cautionary tale of interrupting snort, since it's so easy to mess up rules by inserting a blankline between or carrige return in the middle of them.
~Mike. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Snort as IDS/IPS in mission-critical enterprise network Native.Code (Dec 08)
- Re: Snort as IDS/IPS in mission-critical enterprise network none none (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network c0ntex (Dec 09)
- RE: Snort as IDS/IPS in mission-critical enterprisenetwork Paul Melson (Dec 09)
- New paper on theory of disclosure for security & competitive reasons Peter Swire (Dec 13)
- Re: Snort as IDS/IPS in mission-critical enterprise network coderman (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network c0ntex (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network Michael Holstein (Dec 09)
- RE: Snort as IDS/IPS in mission-critical enterprisenetwork Paul Melson (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprisenetwork Michael Holstein (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network none none (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprisenetwork sk (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network coderman (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network Technica Forensis (Dec 09)
- Re: Snort as IDS/IPS in mission-critical enterprise network Native.Code (Dec 11)
- Re: Snort as IDS/IPS in mission-critical enterprise network Mark (Dec 11)