LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices



Reply
 
Search this Thread
Old 09-25-2002, 10:32 PM   #1
bripage
Member
 
Registered: Jan 2002
Location: Moorpark
Distribution: SLACK 8!
Posts: 230

Rep: Reputation: 30
Snort configuration/ rules file


Im supposed to create a rules file (configuration) for snort dealing with my network. The only problem is that I dont know what is supposed to be in it. The readme on it gives me some general clues, but not specifics... hmmph.
 
Old 09-26-2002, 01:34 AM   #2
RijilV
Member
 
Registered: Sep 2002
Location: somewhere
Distribution: gentoo
Posts: 123

Rep: Reputation: 15
have you read the docs online? they're very good and there are quite a few default examples.

there is even a website out there that will generate custom snort rule sets for you.

can I have you job? I really need one that pays more than factory work.
 
Old 09-26-2002, 05:52 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,693
Blog Entries: 54

Rep: Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961Reputation: 2961
No, you don't need to create a rules file, but scrub your config for rules to include. Rule files are ones that hold the signatures. The config is in the snort tarball, and each time you update there's also one in that tarball.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Snort, Rules Tredo Linux - Security 1 12-20-2004 01:36 AM
Snort rules> priority linuxtommy Linux - Security 1 09-12-2004 10:35 PM
snort rules to vulns not yet published zuessh Linux - Security 1 02-12-2004 03:17 PM
updating snort rules zuessh Linux - Security 2 11-26-2003 02:11 PM
Snort Rules Canadian_2k2 Linux - Security 5 11-01-2002 11:24 PM


All times are GMT -5. The time now is 10:45 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration