Snort mailing list archives

Re: What's the difference between the shipped snort.conf's?


From: Joel Esler <jesler () sourcefire com>
Date: Thu, 29 Jul 2010 08:11:59 -0400

The barnyard configuration may not change much. The snort.conf is a manual conversion though. 


Sent from my iPhone

On Jul 29, 2010, at 2:34 AM, Jun Wan <junwei_wan () hotmail com> wrote:

Hi Wkitty42,
 
Thanks for the info. I can install the new Snort 2.8.6.1 (via compiling the new 
2.8.6.1 sources or pre-compiled binary downloads) into a different folder, create new folders for log, barnyard2 ... 
etc.
 
How to migrate the configurations from old Snort.conf, barnyard2 and old customised rules to the new 
Snort.conf, barnyard2 and new rules? Manual process? Auto-process?
 
Thanks.
 
Regards
 
John
 
Date: Wed, 28 Jul 2010 22:30:29 -0400
From: wkitty42 () windstream net
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] What's the difference between the shipped snort.conf's?

On 7/28/2010 21:32, Jun Wan wrote:
Hi Jimmy,

I am going to do the same thing as you did---making the transition from 2.8.5.3
to 2.8.6.1.

What's the best way to do this transition?
How did you make the transition?

FWIW: i made the transition in my setups by downloading and compiling the new 
2.8.6.1 sources... i suspect that it is much easier in other environments due to 
the pre-compiled binary downloads that are available...

FWIW2: i don't think it will help with your problem of pulled pork not being 
able to download the MD5 file but stranger things have been seen... especially 
if the MD5 is/was not available where your pulled pork may have been looking for 
it... this may also be hampered if SF/VRT's time limited download stuff is 
blocking the MD5 after the rules have been pulled down... i've seen times where 
one download is allowed and then it is at least 15 minutes before another is 
allowed... that indicates that the rules pull may happen "now" and then you have 
to wait 15 minutes before you can pull the MD5 file...

this theory is what i have found in my testing of my apps and their update 
functions... i've tried to relate these concerns to SF/VRT but something seems 
to be lost in translation at times... oh well... i can only do what i can to 
pass this info on to others :?

------------------------------------------------------------------------------
The Palm PDK Hot Apps Program offers developers who use the
Plug-In Development Kit to bring their C/C++ apps to Palm for a share
of $1 Million in cash or HP Products. Visit us here for more details:
http://p.sf.net/sfu/dev2dev-palm
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

