Snort mailing list archives
Re: Bleeding rules
From: "Alex Butcher, ISC/ISYS" <Alex.Butcher () bristol ac uk>
Date: Wed, 03 Nov 2004 08:40:28 +0000
--On 02 November 2004 17:40 +0200 Rocio Alfonso Pita <rozio () alfa21 com> wrote:
Hello, I activate bleeding rules in a computer, and when I add these files to my snort.conf: [+] Added files: [+] -> bleeding-inappropriate.rules -> bleeding-malware.rules -> bleeding-p2p.rules -> bleeding-policy.rules -> bleeding-sid-msg.map -> bleeding-virus.rules -> bleeding.rules snort not start with this error: Nov 02 10:23:11 pc snort: FATAL ERROR: /var/oinkmaster/rules/bleeding-sid-msg.map(1) => Unknown rule type: 2000002 what is the problem? If I comment the line with "bleeding-sid-msg.map", snort runs well.
.map files are not in the snort configuration file syntax. Therefore, don't include them, paste them in, or anything of that sort.
They're for use by external applications (e.g. the mudpit spool processor).
Thanks and regards, rozio
Best Regards, Alex. -- Alex Butcher: Security & Integrity, Personal Computer Systems Group Information Systems and Computing GPG Key ID: F9B27DC9 GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9 ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Bleeding rules Rocio Alfonso Pita (Nov 02)
- Re: Bleeding rules Alex Butcher, ISC/ISYS (Nov 03)