Snort mailing list archives
Re: How to enable ALL rules when Pulledpork is ran?
From: "Michael Steele" <michaels () winsnort com>
Date: Mon, 8 Feb 2016 13:02:35 -0500
That was the trick J Kindest regards, Michael... WINSNORT.com Management Team Member -- ****************** Established ~ 2001 ******************* * Visit Us @ <http://www.winsnort.com> http://www.winsnort.com * * ~~ FREE WinIDS Snort installation guides ~~ * * ~~ FREE support forums ~~ * * Snort: Open Source Network IDS - <http://www.snort.org> http://www.snort.org * ********************************************************* From: Y M [mailto:snort () outlook com] Sent: Monday, February 8, 2016 9:52 AM To: Michael Steele <michaels () winsnort com> Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] How to enable ALL rules when Pulledpork is ran? Add "pcre:." minus the quotes to your enablesid.conf, thanks to shirkdog, mentioning it some time back. YM Sent from Mobile On Mon, Feb 8, 2016 at 6:41 AM -0800, "Michael Steele" <michaels () winsnort com <mailto:michaels () winsnort com> > wrote: I'm trying to figure out how to activate all the rules (for temp testing purposes) when PP is ran. I'm using the -nPT as the switches when I run PP on a ruleset that is current. All rules are located in the snort.rules file. Everything is processing normally using the ips_policy=security switch. Thanks.
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- How to enable ALL rules when Pulledpork is ran? Michael Steele (Feb 08)
- Re: How to enable ALL rules when Pulledpork is ran? Y M (Feb 08)
- Re: How to enable ALL rules when Pulledpork is ran? Shirkdog (Feb 08)
- Re: How to enable ALL rules when Pulledpork is ran? Michael Steele (Feb 08)
- Re: How to enable ALL rules when Pulledpork is ran? Y M (Feb 08)