Snort mailing list archives

Re: Pulledpork Item


From: JJC <cummingsj () gmail com>
Date: Mon, 27 Jun 2011 11:01:17 -0600

Bill,

I already responded in the other message that you sent to the PP google
group, but I'll paste below my response:

Like a local rules file?
There is a script under contrib/ of pulledpork that converts oinkmaster
stuff to pulledpork configs.


JJC

On Mon, Jun 27, 2011 at 10:54 AM, Bill Pickens <wmpickens () gmail com> wrote:

Hopefully I can get an answer in this forum.

Hello Everyone,
I have been working with snort for about a year and have managed
signatures using other products.
I was looking into using PP as another option.

I downloaded 0.6.0 and have it functioning.

Can PP read existing rule files that have disabled rules by comment in the
rule file and build the new rules files with the existing disabled rules,
disabled?

If not, does someone have a unix shell script that can create a
disablesid.conf from existing rules files?

Thanks for any help.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please see http://www.snort.org/docs for documentation
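
The kind of script the question asks about, as an added example that is not from this thread, from PulledPork, or its contrib/ script: it scans Snort rule files for rules disabled by a leading "#" and prints one gid:sid entry per rule, the form disablesid.conf accepts. The function names, the sample rules, and the path in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not PulledPork code): list commented-out Snort rules as
# gid:sid lines suitable for a disablesid.conf.

gen_disablesid() {
    awk '
    # A disabled rule is "#", optional spaces, then a rule action keyword.
    /^[ \t]*#+[ \t]*(alert|log|pass|drop|reject|sdrop)[ \t]/ {
        line = $0
        gsub(/\\"/, "", line)        # drop escaped quotes inside strings
        gsub(/"[^"]*"/, "", line)    # drop quoted strings (msg, content, ...)
        sid = ""; gid = "1"          # gid defaults to 1 when the rule has none
        if (match(line, /[(; \t]sid:[ \t]*[0-9]+/)) {
            sid = substr(line, RSTART, RLENGTH)
            sub(/^.*:[ \t]*/, "", sid)
        }
        if (match(line, /[(; \t]gid:[ \t]*[0-9]+/)) {
            gid = substr(line, RSTART, RLENGTH)
            sub(/^.*:[ \t]*/, "", gid)
        }
        # Print each gid:sid once, skipping commented lines without a sid.
        if (sid != "" && !seen[gid ":" sid]++) print gid ":" sid
    }' "$@"
}

# Constructed sample input (not real rules) for trying the function offline.
sample_rules() {
    cat <<'EOF'
alert tcp any any -> any 80 (msg:"enabled rule"; sid:1000001; rev:1;)
# alert tcp any any -> any 21 (msg:"disabled, sid:9 in msg"; sid:1000002; rev:2;)
#alert udp any any -> any 53 (msg:"disabled with gid"; gid:3; sid:1000003;)
# This comment mentions sid:42 but is not a rule
EOF
}

# Usage (path is an assumption):
#   gen_disablesid /etc/snort/rules/*.rules > disablesid.conf
# Try it on the sample:  sample_rules | gen_disablesid
```

Review the generated list before handing it to PulledPork, since a rule that shipped commented out by the vendor is indistinguishable here from one disabled locally.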
