Snort mailing list archives
Re: Pulledpork does not apply policies to Snort registered rules
From: "Michael Steele" <michaels () winsnort com>
Date: Fri, 29 Jul 2016 15:24:23 -0400
Snort will display the number of enabled rules. If the priority is changed in PulledPork the number of active rules will change. Kindest regards, Michael... WINSNORT.com Management Team Member -- ****************** Established ~ 2001 ******************* * Visit Us @ <http://www.winsnort.com> http://www.winsnort.com * * ~~ FREE WinIDS Snort installation guides ~~ * * ~~ FREE support forums ~~ * * Snort: Open Source Network IDS - <http://www.snort.org> http://www.snort.org * ********************************************************* From: Shirkdog [mailto:shirkdog () gmail com] Sent: Friday, July 29, 2016 10:13 AM To: Joel Esler (jesler) <jesler () cisco com> Cc: Asad, Hafiz ul <Hafiz-ul.Asad () city ac uk>; snort-users mailinglist <snort-users () lists sourceforge net> Subject: Re: [Snort-users] Pulledpork does not apply policies to Snort registered rules I was about to reply to this, as I thought Joel had brought this up as a feature before. If it does not exist as an issue, please add it as a feature request. On Jul 29, 2016 10:11 AM, "Joel Esler (jesler)" <jesler () cisco com <mailto:jesler () cisco com> > wrote: Interesting. Have you filled an issue with pulledpork on the github for the project? Shirkdog may not be monitoring this list all the time. On Jul 29, 2016, at 8:06 AM, Asad, Hafiz ul <Hafiz-ul.Asad () city ac uk <mailto:Hafiz-ul.Asad () city ac uk> > wrote: Snort Users, I have been trying to compare results of different snort rules with different policies; Connectivity;Security;Balanced;No-policy. While setting these for downloading different community rules using Pulledpork, I was able to download different sets of rules for each policy.However, I have noticed, that setting up different policies in the "pulledpork.conf" file does not have any effect on the downloaded rules for "Snort Registered" Rule set (Every time the downloaded rules remain the same no matter what policy is set in the file). Is there any explanation for this from the Pulledpork point of view? Cheers, Asad Hafiz ul Asad Research Assistant Center for Software Reliability School of Mathematics, Computer Science & Engineering City University London, EC1V 0HB London Tel : +44 (0) 20 7040 8422 <tel:%2B44%20%280%29%2020%207040%208422> ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list <mailto:Snort-users () lists sourceforge net> Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users> https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit <http://blog.snort.org/> http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net <mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Pulledpork does not apply policies to Snort registered rules Asad, Hafiz ul (Jul 29)
- Re: Pulledpork does not apply policies to Snort registered rules Joel Esler (jesler) (Jul 29)
- Re: Pulledpork does not apply policies to Snort registered rules Shirkdog (Jul 29)
- Re: Pulledpork does not apply policies to Snort registered rules Michael Steele (Jul 29)
- Re: Pulledpork does not apply policies to Snort registered rules Shirkdog (Jul 29)
- Re: Pulledpork does not apply policies to Snort registered rules Joel Esler (jesler) (Jul 29)