Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snort 2.8.6.1 / barnyard2 2-1.8 (unified2) problem

From: "Lawrence R. Hughes, Sr." <lhughes () safemedia com>
Date: Fri, 27 Aug 2010 10:51:21 -0400
Joel,

Barnyard2 is reading the correct sid-msg.map file!
Those signature names are missing right from your new rules update..

We don't use oinkmaster, we take your rules and sid-msg.map file right from the downloads at snort.org.

Thanks,
Larry

  ----- Original Message ----- 
  From: Joel Esler 
  To: Lawrence R. Hughes, Sr. 
  Cc: <snort-users () lists sourceforge net> 
  Sent: Friday, August 27, 2010 10:40 AM
  Subject: Re: [Snort-users] snort 2.8.6.1 / barnyard2 2-1.8 (unified2) problem


  On Aug 27, 2010, at 9:54 AM, "Lawrence R. Hughes, Sr." <lhughes () safemedia com> wrote:



    We think Barnyard2 is not at fault, and  the snort sid-msg.map and rules are the problem.


  Barnyard2 isn't reading the correct sid-msg.map file. 


  You need to use either pulledpork or the create-sidmsg.pl file that comes with oinkmaster to make this file. 
  I suggest the former.  





    Are we thinking in the correct direction?
------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: