Emerging Threats Rules

["Jefferson, Shawn" <Shawn.Jefferson () bcferries com>]

Hi,

I was wondering what the best method of implementing the Emerging
Threats rules on a snort machine is?  I'm using Snort with MySQL,
Barnyard and BASE.

I've got my snort machine downloading the Emerging Threats rules
everyday, and I just put an include for each ET rule file in the
snort.conf file.  Is this the best way to handle it?

Also, I noticed that in BASE, I am not seeing the SID name, and I'm
assuming that is because I am not telling the system to look at the ET
sid.msg file.  What's the best way to deal with that?

Thanks,
Shawn

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users