Re: Broken snort rule

["Matt Olney" <molney () sourcefire com>]

Actually, in snort 2.8.3.3, the -x control:

-x         Exit if Snort configuration problems occur

will fail out on many common rule problems.   For example, duplicate sids.

Matt

On Tue, Oct 7, 2008 at 2:30 PM, Paul Schmehl <pauls () utdallas edu> wrote:

> --On Tuesday, October 07, 2008 11:48:45 -0500 Matt Jonkman <
> jonkman () jonkmans com> wrote:
>
>
> > Cool, I had stopped testing of the autogenerated rules because it didn't
> > seem to be of much use. Will turn that back on.
> >
> > Is there an easy way to parse the other rules though for more subtle
> > errors? Or force verbosity to get it to tell us about rules ignored?
> does # snort -Tvvvvvv not do the trick?
>
> --
> Paul Schmehl (pauls () utdallas edu)
> Senior Information Security Analyst
> The University of Texas at Dallas
> http://www.utdallas.edu/ir/security/
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users