Snort mailing list archives
Re: re: instant snort sigs for new vulnerabilites
From: Andreas Östling <andreaso () it su se>
Date: Wed, 3 Jul 2002 10:02:40 +0200
On Wednesday 03 July 2002 09.15, Maarten wrote:
One downside: oinkmaster deactivates (at least the version I once downloaded) sids by placing a "#" at the beginning of a rule.
I only does so for the sids you tell Oinkmaster to disable. This is a feature and I don't get why this would be a downside. (Or would you for some reason prefer that the unwanted rules were removed instead of commented out?)
It also activates all rules with a "#" at the beginning of a line when they are not specified by oinkmaster. Since the new 1.9 rules are commented out with a "#", you will have problems with 1.8 because oinkmaster uncomments the lines.
... Unless you specify "-p" which will preserve the commented out lines. I agree this is stupid, and this has been changed in 0.6 which will be released as soon as I have a free minute :) Regards, Andreas Östling ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek No, I will not fix your computer. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- instant snort sigs for new vulnerabilites Steve McGhee (Jul 02)
- Re: instant snort sigs for new vulnerabilites twig les (Jul 02)
- Re: instant snort sigs for new vulnerabilites Steve Francis (Jul 02)
- Re: instant snort sigs for new vulnerabilites Nick Zitzmann (Jul 02)
- Re: instant snort sigs for new vulnerabilites Erek Adams (Jul 03)
- Re: instant snort sigs for new vulnerabilites Stefan Dens (Jul 03)
- Re: instant snort sigs for new vulnerabilites Bennett Todd (Jul 03)
- <Possible follow-ups>
- re: instant snort sigs for new vulnerabilites Maarten (Jul 03)
- Re: re: instant snort sigs for new vulnerabilites Andreas Östling (Jul 03)
- Re: re: instant snort sigs for new vulnerabilites Maarten Hartsuijker (Jul 04)
- Re: re: instant snort sigs for new vulnerabilites Andreas Östling (Jul 03)
- RE: re: instant snort sigs for new vulnerabilites Hicks, John (Jul 03)
- Re: instant snort sigs for new vulnerabilites twig les (Jul 02)