Re: Autamtic Rules Update

[Wesley Eddy <weddy () masaka cs ohiou edu>]

On Mon, Aug 06, 2001 at 11:41:24AM -0300, Ivan Hernandez wrote:
> Thanks. I'm looking but doesnt seems to be usable trough an HTTP proxy.
> At the moment i will continue coding! Anyway, PHP & Perl are a funny way to
> kill time between tasks.
>
> Ivan.
>
> -----Original Message-----
> From: Wesley Eddy [mailto:weddy () masaka cs ohiou edu]
> Sent: Monday, August 06, 2001 11:31 AM
> To: Ivan Hernandez
> Cc: snort-users () lists sourceforge net
> Subject: Re: [Snort-users] Autamtic Rules Update
>
>
> On Mon, Aug 06, 2001 at 11:11:22AM -0300, Ivan Hernandez wrote:
> > Hello. I started coding some kind of RULES repository in order to mantain
> > udated all my clients with a minimal effort. Someone here would like to
> tell
> > me if there is already something like that ?
> > Thanks!
> > Ivan Hernandez
>
> rdist works pretty well, as does cvs or even the wonderful NFS protocol
> which comes from Sun, so it must be good.  There are options aplenty,
> so it would seem that rolling your own would be needlessly reinventing
> the wheel, especially since all the others are already free, available
> and almost fully debugged.


Oh, well I assumed that you meant that you had a custom ruleset that
you wanted to propagate to all your sensors whenever you updated it,
in which case it would be easiest to store it on a local box and not
even worry about proxies and such.  If you're snagging rules from offsite
though, it'd still be easier to just wget them through the HTTP proxy
as a cron job every so often (depending on how up-to-date you need to
be) from the sensors.

-Wes

-- 
"I can't see too well, what's it all about?  I don't know man, did you poke                
your eyes out?"                                                                            
        -Angry Samoans, "Lights Out"

Attachment: _bin
Description: