Snort mailing list archives
Re: Rule update with snortcenter
From: Atul Shrivastava <atul_iet () yahoo com>
Date: Sat, 9 Nov 2002 00:28:10 -0800 (PST)
Hi,
When I have done a fresh installation of snort center agent and then click on the UPDATE from the Internet then it
displays that " No update this time " while I am updating it for the first time.
Also when I check the snort configuration file then there is no rule in it.
Can anyone tell me the solution.
Thanks in advance.
Regards,
Atul Shrivastava
Jens Krabbenhoeft <tschenz-snort-users () noris net> wrote:Michael,
Why Snortcenter doesn't recognize that there are rules more up to date on www.snort.org?
The way snortcenter checks for new signatures is as follows: * a known signature has a known revision - if that revision increases, it says "rule has updated" * if it finds an unknown sid, it says "rule added" Apparently the snortrules-stable file has no new rules since 2002/10/31:
grep "\$Id" * | grep "2002/11" grep "\$Id" * | grep "2002/10"
policy.rules:# $Id: policy.rules,v 1.25.2.1 2002/10/18 15:24:20 andrewbaker Exp $
grep "\$Id" * | grep "2002/09"
attack-responses.rules:# $Id: attack-responses.rules,v 1.16 2002/09/18 12:52:31 cazz Exp $ experimental.rules:# $Id: experimental.rules,v 1.64 2002/09/17 18:38:10 roesch Exp $ There are new rules in cvs HEAD, which work with cvs HEAD only. These are also in the http://www.snort.org/dl/rules/snortrules-current.tar.gz file. Hth, jens ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users --------------------------------- Do you Yahoo!? U2 on LAUNCH - Exclusive medley & videos from Greatest Hits CD
Current thread:
- ACID v0.9.6b22 - Display alerts snorter (Nov 08)
- Portscan2 and ACID snorter (Nov 08)
- Rule update with snortcenter snorter (Nov 08)
- Re: Rule update with snortcenter Jens Krabbenhoeft (Nov 08)
- Re: Rule update with snortcenter Atul Shrivastava (Nov 09)
- More than one sensor can be managed ..?????? Atul Shrivastava (Nov 09)
- Re: Rule update with snortcenter Larc (Nov 09)
- Re: Rule update with snortcenter Atul Shrivastava (Nov 09)
- Rule update with snortcenter snorter (Nov 08)
- Re: Rule update with snortcenter Michael (Nov 11)
- Portscan2 and ACID snorter (Nov 08)