Home page logo

snort logo Snort mailing list archives

New snort.conf
From: "Crook, Parker" <Parker_Crook () reyrey com>
Date: Wed, 29 Dec 2010 16:26:17 -0500

So I finally made the push to start migrating everything to 2.9 in its latest iteration ( as things have cooled 
down in both of the environments I run (CentOS & Debian).  After compilation I started migrating and found the below 
snippet as a header in my new snort.conf file.  Great information -- Well done guys!

#   VRT Rule Packages Snort.conf
#   For more information visit us at:
#     http://www.snort.org                   Snort Website
#     http://vrt-sourcefire.blogspot.com/    Sourcefire VRT Blog
#     Mailing list Contact:      snort-sigs () lists sourceforge net
#     False Positive reports:    fp () sourcefire com
#     Snort bugs:                bugs () snort org
#     Compatible with Snort Versions:
#     VERSIONS :
#     Snort build options:
#     OPTIONS : --enable-ipv6 --enable-gre --enable-mpls --enable-targetbased --enable-decoder-preprocessor-rules 
--enable-ppm --enable-perfprofiling --enable-zlib --enable-active-response --enable-normalizer --enable-reload 
--enable-react --enable-flexresp3

I'm really excited to see the snort build options listed in here, as it shows me what is really going on when I run:
./configure --enable-ipv6 --enable-decoder-preprocessor-rules --enable-sourcefire --enable-targetbased 
--enable-perfprofiling --enable-reload --enable-dynamicplugin

After being puzzled for a minute I went through the configure options and noted that dynamicplugin is enabled by 
default, so I can see why that is left out, so I suppose the -enable-sourcefire turns on the following:
Is that a correct assessment?


P.S.  Perhaps consider adding a line in the "For more information visit us at" section pointing to the new Snort Blog?
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and, 
should the need arise, upgrade to a full multi-node Oracle RAC database 
without downtime or disruption
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]