Snort mailing list archives
Re: Pulledpork Item
From: JJC <cummingsj () gmail com>
Date: Mon, 27 Jun 2011 11:01:17 -0600
Bill, I already responded in the other message that you sent to the PP google group, but I'll paste below my response: like a local rules file?
There is a script under contrib/ of pulledpork that converts oinkmaster stuff to pulledork configs
JJC On Mon, Jun 27, 2011 at 10:54 AM, Bill Pickens <wmpickens () gmail com> wrote:
Hopefully I can get an answer in this forum. Hello Everyone, I have been working with snort for about a year and have managed signatures using other products. I was looking into using PP as another option. I downloaded 0.6.0 and have it functioning. Can PP read exisitng rule files that have disabled rules by comment in the rule file and build the new rules files with the existing disabled rules, disabled? If not, does someone have a unix shell script that can create a disablesid.conf from exiting rules files? Thanks for any help. ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
Current thread:
- Pulledpork Item Bill Pickens (Jun 27)
- Re: Pulledpork Item JJC (Jun 27)