Snort mailing list archives
Re: confused on what to do with the ruleset
From: MLP SCADA <MLPSCADA () ci anchorage ak us>
Date: Mon, 19 Nov 2012 16:58:43 -0900
So I've bought two business subscriptions to the ruleset. Now what am I actually supposed to do with them? I understand that I'm supposed to use pulledpork, but the network being monitored have no (known) outside connections, so can't do that. I'm looking for something like 'untar new ruleset here', e.g. cd /etc/snort/rules; tar xvzpf snortrules-snapshot.tar.gz I've done my best trying to read the instructions and do the google thing, but I'm still not getting it. https://www.snort.org/assets/166/snort_manual.pdf tells me all about how to write rules and all the details, but not what to do with a new downloaded ruleset. The various howtos are all inconsistent; probably very useful for someone that already knows what they're doing. ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: confused on what to do with the ruleset MLP SCADA (Nov 19)
- Re: confused on what to do with the ruleset Carney, Megan (Nov 20)