Snort mailing list archives

Re: default snort rules


From: waldo kitty <wkitty42 () windstream net>
Date: Tue, 08 Jul 2014 15:52:19 -0400

On 7/8/2014 2:27 PM, Abhijit Tikekar wrote:
> Hi,
>
> I am a new snort user. Current implementation is snort-2.9.6.1 on CentOS 6.4
> along with barnyard and snorby. My question is regarding the ruleset which I
> downloaded as a registered user.
>
> Many of the rule files are empty, e.g., icmp.rules, or ddos.rules. Are these
> supposed to be empty?

yes, they are supposed to be empty or at least have the license header only in 
them... they are old files from before the last category adjustments... they 
cannot be removed automatically because their removal may break existing 
installs which load them in the configs... if they are empty and you don't want 
them, you should be able to remove them and ensure that they are not referenced 
in your snort.conf file(s)... hopefully pulledpork and similar tools won't try to 
force their use back into the conf files... i remember one tool that i used to 
use forced the listing of all files in the archive to match in the conf file... 
even if they were just commented out they still had to be there...

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.
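
The check described in the reply above, as an added example that is not part of the original message: it lists rule files that hold no active rules and reports whether snort.conf still loads them. It assumes the Snort 2.x `include $RULE_PATH/<name>.rules` syntax; the function names are hypothetical and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Snort 2.x layout is assumed:
# snort.conf loads rule files with "include $RULE_PATH/<name>.rules".

# Succeeds if a rule file has no active rules (only blank lines and comments,
# e.g. just the license header).
rules_file_is_empty() {
    ! grep -Eqv '^[[:space:]]*(#.*)?$' "$1"
}

# Succeeds if conf ($1) has an uncommented include whose file name is $2.
conf_includes() {
    awk -v n="$2" '$1 == "include" { p = $2; sub(/^.*\//, "", p); if (p == n) found = 1 }
                   END { exit !found }' "$1"
}

# For every empty rule file in rules_dir ($2) print "<name> included" (drop the
# include line from conf before deleting the file) or "<name> unreferenced".
audit_empty_rules() {
    for f in "$2"/*.rules; do
        [ -f "$f" ] && rules_file_is_empty "$f" || continue
        name=${f##*/}
        if conf_includes "$1" "$name"; then
            echo "$name included"
        else
            echo "$name unreferenced"
        fi
    done
}

# Constructed sample: a throwaway rules directory and snort.conf.
demo() {
    d=$(mktemp -d) || return 1
    printf '# license header only\n' > "$d/icmp.rules"
    : > "$d/ddos.rules"
    printf '# header\nalert tcp any any -> any 80 (msg:"constructed"; sid:1000001;)\n' > "$d/local.rules"
    printf 'include $RULE_PATH/icmp.rules\n# include $RULE_PATH/ddos.rules\ninclude $RULE_PATH/local.rules\n' > "$d/snort.conf"
    audit_empty_rules "$d/snort.conf" "$d"
    rm -rf "$d"
}

demo
```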
