Snort mailing list archives

Re: Extracting snortrules-2931.tar.gz

From: Peter Bates <peter.bates () ucl ac uk>
Date: Tue, 9 Oct 2012 21:28:02 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello all

On 09/10/2012 21:02, Jeremy Hoel wrote:

When you try and use examples you have to expect and realize that
the example might be out of date and maybe try and figure out what
it might take to make it work.


I can see both sides of the argument here - I do side with encouraging
people to solve their own problems but in the case of

http://snort.org/snort-rules/cli

there's no real reason for it reflecting out of date information
or for not offering a better example of how to construct 'filename'

A wider issue is that if the Snort source tarball contained some
example rules (or a sample local.rules and then commented out all the
others included by default) it might be easier for the beginner.

But then of course, there's Pulledpork and SecurityOnion,
and if IT was easy then I'd be out of a job.

- -- 
Peter Bates
Senior Computer Security Officer    Phone: +44(0)2076792049
Information Services Division       Internal Ext: 32049
University College London
London WC1E 6BT
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQEcBAEBAgAGBQJQdIjSAAoJELhVoVpEMS6R2qgH/jB1ST78+DE5WPc7pfl8eyTp
DXPCNImg+b6E8znDcVsuriYM/bPd38rlnALykuXwhkcnepDdSV2MN2GGQDrkS9sB
/+DEhQBUCnNdL3Sr5fBh9wgstyMH3eck1x9HuZZt1/xkaKHyLsxhTs/lM25CsXbu
Ys14uEhXJdnof/7KhgBJpRNsydL9Ct3CDWg8n+67E1Cdn9niA+9AymtBm6H/jPre
v8TcI7+asnc4vsv6HuuTHXhrOWjfuMTpJegXGRWkHy7+PjcEtRNjjwZ98kKBlczR
O7DOTaOMoLuHbkTn9eqlslaQPwjcPDDHGs6efqk8NHPdRzOY1qh1JCaRN6wJjvY=
=bTaV
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: Extracting snortrules-2931.tar.gz, (continued)
- - - Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz waldo kitty (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz Michael Steele (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz waldo kitty (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz Peter Bates (Oct 09)
    - Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 09)
    - Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
    - Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
    - Re: Extracting snortrules-2931.tar.gz waldo kitty (Oct 10)
    - Re: Extracting snortrules-2931.tar.gz waldo kitty (Oct 10)
- Re: Extracting snortrules-2931.tar.gz Gregory W. MacPherson (Oct 10)