Snort mailing list archives
Role of snort.conf regarding rules? (noob)
From: stormshadow <storm-shadow () comcast net>
Date: Wed, 30 Apr 2003 01:37:09 -0400
Quick note: I sent this from my work email and I dont think it made it to the list. Here it is again:
From what I've read on the faqs, all the rule sets for IDS mode have to
be made in the snort.conf file? Is this how many of you are running snort? Hence the example in the FAQs: "./snort -d -h 192.168.1.0/24 -l ./log -c snort.conf Where snort.conf is the name of your rules file. This will apply the rules set in the snort.conf file to each packet to decide if an action based upon the rule type in the file should be taken." So does this mean any rules should be made directly in the snort.conf file? (adding/editing rules etc). Or, can the "snort.conf" be substituted with any rule set you have? (EX: snort -d 172.16.0.9/3 log -c rule_file_here) I guess I'm confused on what role snort.conf plays in rules. What exactly should be done to the snort.conf? Thanks ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Role of snort.conf regarding rules? (noob) stormshadow (Apr 29)
- Re: Role of snort.conf regarding rules? (noob) Erek Adams (Apr 30)
- <Possible follow-ups>
- RE: Role of snort.conf regarding rules? (noob) L. Christopher Luther (Apr 30)