Snort mailing list archives
Re: VRT SO rules path
From: Matt Watchinski <mwatchinski () sourcefire com>
Date: Wed, 15 Apr 2009 00:01:16 -0400
Just to be sure your talking about the snort.conf in the etc/ dir in the rule-snapshots? If so i'll get this cleaned up. Thanks -matt On Tue, Apr 14, 2009 at 10:05 PM, Stephen Reese <rsreese () gmail com> wrote:
This may just be me but I noticed that when I installed Snort 2.8.4 on my Debian Lenny box it created: /usr/local/lib/snort_dynamicrules but my snort.conf that I got with my latest ruleset had: dynamicdetection file /usr/local/lib/snort_dynamicrule/bad-traffic.so dynamicdetection file /usr/local/lib/snort_dynamicrule/chat.so dynamicdetection file /usr/local/lib/snort_dynamicrule/dos.so dynamicdetection file /usr/local/lib/snort_dynamicrule/exploit.so dynamicdetection file /usr/local/lib/snort_dynamicrule/imap.so dynamicdetection file /usr/local/lib/snort_dynamicrule/misc.so dynamicdetection file /usr/local/lib/snort_dynamicrule/multimedia.so dynamicdetection file /usr/local/lib/snort_dynamicrule/netbios.so dynamicdetection file /usr/local/lib/snort_dynamicrule/nntp.so dynamicdetection file /usr/local/lib/snort_dynamicrule/p2p.so dynamicdetection file /usr/local/lib/snort_dynamicrule/smtp.so dynamicdetection file /usr/local/lib/snort_dynamicrule/sql.so dynamicdetection file /usr/local/lib/snort_dynamicrule/web-client.so dynamicdetection file /usr/local/lib/snort_dynamicrule/web-misc.so notice the lacking (s)... No biggy just wanted to mention it. ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Matthew Watchinski Sr. Director Vulnerability Research Team (VRT) Sourcefire, Inc. Office: 410-423-1928 http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/ ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- VRT SO rules path Stephen Reese (Apr 14)
- Re: VRT SO rules path Matt Watchinski (Apr 14)
- Re: VRT SO rules path Stephen Reese (Apr 15)
- Re: VRT SO rules path Matt Watchinski (Apr 15)
- Re: VRT SO rules path Stephen Reese (Apr 15)
- Re: VRT SO rules path Matt Watchinski (Apr 14)