Re: oinkmaster and so rules.. FAQ broken?

[waldo kitty <wkitty42 () windstream net>]

On 2/8/2011 20:39, Joel Esler wrote:
> On Feb 8, 2011, at 8:28 PM, waldo kitty wrote:
> > On 2/8/2011 20:23, Randal T. Rioux wrote:
> > > On 2/8/2011 8:20 PM, waldo kitty wrote:
> > > > On 2/8/2011 19:52, Joel Esler wrote:
> > > > > Have you tried pulledpork? It takes care of all this for you (plus much more)
> > > >
> > > > how'd i know that was coming?? :? ;)
> > >
> > > That train is never late!
> >
> > ROTFLMAO!!!!!
>
> I just don't want to see people reinvent the wheel.  That's all.  Trying to save ya'll some work.

that's understandable as well as fine and good but there are some environments 
that simply cannot (yet?) switch from oinkmaster for whatever corporate and/or 
local reasons there are...

one such reason that i'm aware, and i think i have talked with the pulledpork 
maintainer about it, is the merging of all rules files into one rules file... 
that is just not an option in our environment... management of individual rules 
sets via the snort.conf is much easier handled with the distributed multiple 
rules files... but this is quite possibly also a limitation of certain tools 
used to manage the rules sets... i've not dug deeper into it because of the 
corporate and local limits in place...

------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org