Snort mailing list archives

Quick(noob) question on rules. Role of snort.conf?

From: "Ryan C. Sebastian" <rsebastian () comcast net>
Date: Tue, 29 Apr 2003 17:33:08 -0400

From what I've read on the faqs, all the rule sets for IDS mode have to be

made in the snort.conf file?  Is this how many of you are running snort?
Hence the example in the FAQs:

"./snort -d -h 192.168.1.0/24 -l ./log -c snort.conf
Where snort.conf is the name of your rules file. This will apply the rules
set in the snort.conf file to each packet to decide if an action based upon
the rule type in the file should be taken."

So does this mean any rules should be made directly to the snort.conf file?
(adding/editing rules etc). Or, the "snort.conf" line can be substituted
with any rule set you have?

I guess I'm confused on what role snort.conf plays in rules.

I tried to read as much as I could before posting this.
Thanks



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Quick(noob) question on rules. Role of snort.conf? Ryan C. Sebastian (Apr 30)