Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Turning off signatures

From: twig les <twigles () yahoo com>
Date: Sun, 21 Dec 2003 19:36:49 -0800 (PST)

--- Jeff Kell <jeff-kell () utc edu> wrote:

Hello... after the usual hassles installing
snort/acid/MqSql/etc on 
RedHat 9, I'm happily sniffing away.  Now to tune some
signatures.

The FAQ just says '#' comment them out.  But that will have to
be 
repeated with each download of the rules(?).  Is there some
magic I'm 
overlooking regarding signature maintenance?



Indeed.  Goto the downloads section of the snort site and grab
oinkmaster.  It's a little perl script that "remembers" which
sigs you comment out.  Small, elegant, effective.

=====
-----------------------------------------------------------
Only fools have all the answers.   
-----------------------------------------------------------

__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: