Snort mailing list archives
Quick(noob) question on rules. Role of snort.conf?
From: "Ryan C. Sebastian" <rsebastian () comcast net>
Date: Tue, 29 Apr 2003 17:33:08 -0400
From what I've read on the faqs, all the rule sets for IDS mode have to be
made in the snort.conf file? Is this how many of you are running snort? Hence the example in the FAQs: "./snort -d -h 192.168.1.0/24 -l ./log -c snort.conf Where snort.conf is the name of your rules file. This will apply the rules set in the snort.conf file to each packet to decide if an action based upon the rule type in the file should be taken." So does this mean any rules should be made directly to the snort.conf file? (adding/editing rules etc). Or, the "snort.conf" line can be substituted with any rule set you have? I guess I'm confused on what role snort.conf plays in rules. I tried to read as much as I could before posting this. Thanks ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Quick(noob) question on rules. Role of snort.conf? Ryan C. Sebastian (Apr 30)