Snort mailing list archives
Re: Bizarre signature
From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Wed, 21 Jul 2010 16:00:08 +0000
On 7/21/2010 3:50 PM, Kun, Mike wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks! Is there something that needs to be configured in 2.8.6.0 that will cause the rules to show up with the msg field instead of just the sid? - -Mike
Are you using unified output logging and importing the alerts with barnyard? If so, you need to update your sid-msg.map and gen-msg.map files to include the entries from the other rulesets you downloaded and started running. Also look into pulledpork/oinkmaster for managing all that for you. -- Eoin ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Bizarre signature Kun, Mike (Jul 21)
- Re: Bizarre signature Paul Schmehl (Jul 21)
- Re: Bizarre signature Kun, Mike (Jul 21)
- Re: Bizarre signature Joel Esler (Jul 21)
- Re: Bizarre signature Eoin Miller (Jul 21)
- Re: Bizarre signature beenph (Jul 21)
- Re: Bizarre signature Paul Schmehl (Jul 21)
- Re: Bizarre signature Kun, Mike (Jul 21)
- Re: Bizarre signature Jefferson, Shawn (Jul 21)
- Re: Bizarre signature Paul Schmehl (Jul 21)