Snort mailing list archives

Re: confused on what to do with the ruleset


From: MLP SCADA <MLPSCADA () ci anchorage ak us>
Date: Mon, 19 Nov 2012 16:58:43 -0900

So I've bought two business subscriptions to the ruleset.  Now what am I actually supposed to do with them?

I understand that I'm supposed to use pulledpork, but the network being monitored has no (known) outside connections, so can't do that.

I'm looking for something like 'untar new ruleset here', e.g. cd /etc/snort/rules; tar xvzpf snortrules-snapshot.tar.gz

I've done my best trying to read the instructions and do the google thing, but I'm still not getting it.

https://www.snort.org/assets/166/snort_manual.pdf 

tells me all about how to write rules and all the details, but not what to do with a new downloaded ruleset.

The various howtos are all inconsistent; probably very useful for someone that already knows what they're doing.



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

