please help me test my new rule updater...

[Alessandro Salvatori <a.salvatori () universitari crocetta org>]

Could anybody please send me his own modified ruleset to this address: <a.salvatori AT universitari.crocetta.org> (i've 
got plenty of space in that account, don't worry :) ?

I'm writing a little new script that updates snort rules from snort.org

it's quite different from all the scripts that are avaiable at the time... it does use diff, sed, awk and keeps your 
modified rules (increasing their sid value by 330000000)... it should work both with inline or multiline rules, and 
should changes in the action field and behave fine.

i want to do some last tunings then i think i should make it avaiable to everybody... here you can come in a great 
help! could you please send me your modified rules (rules from snort.org that you tuned to your needs)?
not only those you have modified... for me it's better if you tar your whole /etc/snort/rules
that way i can see how my script behaves in a wider range of cases.

thank you very much indeed
Alessandro Salvatori


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users