Re: how to disable compile-time reload option?

[waldo kitty <wkitty42 () windstream net>]

On 9/30/2010 15:40, Jefferson, Shawn wrote:
> The Host Attribute Table is an awesome feature of newer versions of Snort that allows you to import a table with your 
> hosts, what services they are running and on what ports.  A rule that targets http (specified by the "service" tag) 
> may then inspect traffic that isn't on the traditional http ports, because snort knows that this host is running an 
> HTTP service and on which port.
>
> The trick is building the host table... There is Hogger which takes nmap results and builds the table, and PRADS 
> which passively listens on your network and will build the table.  I'm using PRADS, since I have some sensitive 
> devices on my network that choke on an NMAP scan... it's been working pretty well.

ahhh... ok... i wasn't sure if it was that or if "attributes" was being used 
generically to mean all or some of the snort.conf configuration options...

thanks!

------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users