Snort mailing list archives
Re: Snort Wget Failure (can't resolve > www.snort.org)
From: Willst Mail <willstmail () gmail com>
Date: Thu, 6 Oct 2011 18:53:50 -0400
Joel, et al, The use of pulledpork is great and all, but is there still throttling in place on the Sourcefire or snort.org side to limit the number of downloads from an IP? We have a handful of sensors, and rather than allowing the sensors access to the Internet and trying to stagger schedules, we have a single "management" device that does a wget to grab the rules once, then each sensor uses pulledpork to pull a copy from the central device. Then again I guess we could run pulledpork on a device that isn't a sensor and disable what we can of the part that actually unpacks and tweaks the ruleset contents. ----------------------------------------------------------------------
Message: 1 Date: Thu, 6 Oct 2011 13:46:00 -0400 From: Joel Esler <jesler () sourcefire com> Subject: Re: [Snort-users] Snort Wget Failure (can't resolve www.snort.org) To: "Carney, Megan" <Megan.Carney () selectcomfort com> Cc: "snort-users () lists sourceforge net" <snort-users () lists sourceforge net> Message-ID: <D250B6C7-CCFE-4917-BD24-0942855A64E3 () sourcefire com> Content-Type: text/plain; charset=windows-1252 For reference: We are officially recommending that people use PulledPork. As it's A) More updated with the VRT ruleset's features and B) Will take advantage of future changes to the ruleset. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Snort Wget Failure (can't resolve > www.snort.org) Willst Mail (Oct 06)
- Re: Snort Wget Failure (can't resolve > www.snort.org) Joel Esler (Oct 06)
- Re: Snort Wget Failure (can't resolve > www.snort.org) JJ Cummings (Oct 06)