Snort mailing list archives
Puzzled with snort rules...
From: "Edwin Gaton Pua, Engineer BIE,SCV" <EDWIN () scv com sg>
Date: Wed, 16 Jan 2002 09:55:18 +0800
Hi, I've installed the snort-1.8.3-5.i386.rpm into my RH7.2 box as my ID sensor and it works so far when i ran commands in sniffer and packet logger mode (with -dv and -l) switches. It shows the real time packets and logged them into /var/log/snort directory. But i want to run snort in NIDS mode and i am just puzzled on how to configure my snort.conf to communicate with the default snort rules located in /etc/snort/ddos.rules, /etc/snort/exploit.rules, etc... do you have sample config of snort.conf that communicates properly with snort rules? Grateful to your response. Regards, Edwin
Subscribe to 6 mths of SCV MaxTV & get a Free Dining voucher worth $128! Minimum subscription of $30 required. Call 873 3333 to subscribe now. Ts & Cs apply. *************************************************************************** This e-mail is confidential and may also be privileged. If you are not the intended recipient, please delete it and notify us at itsyteam () scv com sg immediately. You should not copy or use it for any purpose, nor disclose its contents to any other person. Thank you. *************************************************************************** _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Puzzled with snort rules... Edwin Gaton Pua, Engineer BIE,SCV (Jan 15)