Re: What s the difference between the shipped snort.conf's?

[Jun Wan <junwei_wan () hotmail com>]

Hi Wkitty42,

 

Thanks for the info. I can install the new Snort 2.8.6.1 (via compiling the new 
2.8.6.1 sources or pre-compiled binary downloads) into a diffrent folder, create new folders for log, barnyard2 ... 
etc.  

 

How to migrate the configurations from old Snort.conf , barnyard2 and old customised rules to the new 
Snort.conf,barnyard2  and new rules?  manual process? auto-process? 

 

Thanks.

 

Regards

 

John
 
> Date: Wed, 28 Jul 2010 22:30:29 -0400
> From: wkitty42 () windstream net
> To: snort-users () lists sourceforge net
> Subject: Re: [Snort-users] What s the difference between the shipped snort.conf's?
>
> On 7/28/2010 21:32, Jun Wan wrote:
> > Hi Jimmy,
> >
> > I am going to do the same thing as you did---making the transition from 2.8.5.3
> > to 2.8.6.1.
> >
> > What's the best way to do this transition?
> > How did you make the transition?
>
> FWIW: i made the transition in my setups by downloading and compiling the new 
> 2.8.6.1 sources... i suspect that it is much easier in other environments due to 
> the pre-compiled binary downloads that are available...
>
> FWIW2: i don't think it will help with your problem of pulled pork not being 
> able to download the MD5 file but stranger things have been seen... especially 
> if the MD5 is/was not available where your pulled pork may have been looking for 
> it... this may also be hampered if SF/VRT's time limited download stuff is 
> blocking the MD5 after the rules have been pulled down... i've seen times where 
> one download is allowed and then it is at least 15 minutes before another is 
> allowed... that indicates that the rules pull may happen "now" and then you have 
> to wait 15 minutes before you can pull the MD5 file...
>
> this theory is what i have found in my testing of my apps' and their update 
> functions... i've tried to relate these concerns to SF/VRT but something seems 
> to be lost in translation at times... oh well... i can only do what i can to 
> pass this info on to others :?
>
> ------------------------------------------------------------------------------
> The Palm PDK Hot Apps Program offers developers who use the
> Plug-In Development Kit to bring their C/C++ apps to Palm for a share
> of $1 Million in cash or HP Products. Visit us here for more details:
> http://p.sf.net/sfu/dev2dev-palm
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
                                          
_________________________________________________________________
Browse profiles for FREE! Meet local singles online.
http://clk.atdmt.com/NMN/go/150855801/direct/01/

------------------------------------------------------------------------------
The Palm PDK Hot Apps Program offers developers who use the
Plug-In Development Kit to bring their C/C++ apps to Palm for a share
of $1 Million in cash or HP Products. Visit us here for more details:
http://p.sf.net/sfu/dev2dev-palm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users