Snort mailing list archives
Re: Rulesets
From: Erek Adams <erek () theadamsfamily net>
Date: Thu, 18 Jul 2002 15:52:19 -0700 (PDT)
On Thu, 18 Jul 2002, Brandon Harms wrote:
I am using RedHat 7.2 with mysql support. I got snort working except it seems to be having problems with the rulesets. It doesn't like the word "flow" in the rules. It will give an error message: "scan.rules => Unknown keyword "flow" in rule!". It does it for all the rules containing the word. Any ideas?
You're using the wrong ruleset.
http://www.snort.org/dl/signatures/snortrules.tar.gz is for 1.8.7
http://www.snort.org/dl/signatures/snortrules-current.tar.gz is for
the 'development version' (1.9).
Cheers.
-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rulesets Brandon Harms (Jul 18)
- Re: Rulesets Erek Adams (Jul 18)
- Re: Rulesets Jim Burwell (Jul 18)
- <Possible follow-ups>
- RE: Rulesets Matt Yackley (Jul 18)
- Re: Rulesets Erek Adams (Jul 18)