Snort mailing list archives
Re: Newbie Question..
From: John Sage <jsage () finchhaven com>
Date: Tue, 15 Jan 2002 21:17:47 -0800
Edwin:It seems you're specifying the full path to your snort rules with /etc/snort/ddos.rules etc etc...
That should work just fine.The default syntax in snort.conf assumes that when snort is invoked, it will find snort.conf in the directory which also contains the rules, so really it's not necessary to specify the path to the rules in snort.conf, but there shouldn't be any harm in doing so...
> How will i enable my snort rules to communicate with snort.conf file > and run in NIDS mode?hmm.. not sure what you mean by this: I'd say that snort.conf needs to know where to find the rules, but the rules don't communicate with snort.conf, so much as with snort itself...
The basic NIDS command line is: snort -dev -l ./log -h 192.168.1.0/24 -c snort.conf See: SNORT_USAGE which gets posted to this list once a week... HTH.. - John -- The web page you seek cannot be found here: countless others await Edwin Pua wrote:
Hi,How will i enable my snort rules to communicate with snort.conf file and run in NIDS mode?I edited my snort.conf file to call my snort rules under /etc/snort/ddos.rules, /etc/snort/porn.rules, etc. The default before in the snort.conf file is without the/etc/snort path. Is this right to enable my snort rules?# under /etc/snort/snort.conf include /etc/snort/bad-traffic.rules include /etc/snort/ddos.rules include /etc/snort/porn.rules Thanx in advace. rgds, Edwin
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Newbie Question.. Edwin Pua (Jan 15)
- Re: Newbie Question.. John Sage (Jan 15)
- <Possible follow-ups>
- Re: Newbie Question.. Edwin Pua (Jan 15)