Re: snort funtionallity

["Nick Smith" <nick () computernick com>]

> > does it do that on its own?
>
> Nope, you have to do it manually. I would recomend oinkmaster
> (http://oinkmaster.sourceforge.net/) to manage the rules. It
> will do
> the trick.

got oink installed and also updated it, seemed to work ok, no
manual work as far as i can tell, said the update went fine and
i restarted.

> And don't forget that you have to send SIGUSR1 or restart snort
> for it
> to pick up the updated rules.
>
> > > > and where would i add those rules?
>
> Oinkmaster will take care of most of the stuff, and advice you
> where
> you need to do some manual work.
>
> > > Have you enabled the relevant signatures and preprocessors
> > for those?
> > >
> > no clue how to do that? any advice?

i was asking if there is something i need to turn on in snort to
monitor that traffic, and what config files do you need? snort?
firewall? i am behind a router (soon to change) but i dont think
that would be blocking that traffic by default configuration
(linksys)

thanks for the input

Nick

> Not sure, I don't know your network. I would help if you could
> send us
> your configuration so we can have a look at it. Also check out
> the
> snort documentation at www.snort.org.
>
>
> Best regards
>  Michael Boman




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users