Gentoo Archives: gentoo-security

From: Cameron Logie <cameron.logie@×××××××××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Updating Snort Rules
Date: Thu, 06 May 2004 08:15:59
Message-Id: 33170.192.168.3.5.1083831525.squirrel@server.intranet.rushbrookit.com
In Reply to: [gentoo-security] Updating Snort Rules by Ryan
1 I too use oinkmaster on a weekly basis to download the current ruleset and
2 roll in the changes.
3 As long as you sort out your perms on the /etc/snort directory it's fine.
4 I just run it from the snort users crontab.
5
6 Regards,
7 Cammy.
8
9 --
10 Cameron Logie - Rushbrook IT
11 Internet | Systems | Security
12 Linux solutions for forward thinkers
13
14 [W] http://www.rushbrookit.com/
15 [E] cameron.logie@×××××××××××.com
16 [T] 0870 765 0620
17
18 GPG Key fingerprint = F83F 9D7F 80FF 79A6 B36D 7C97 7491 5C03 7F2B 65D7
19 Public Key at http://www.rushbrookit.com/gpgkeys/cameron.logie.gpg.asc
20
21 Ryan said:
22 > I just recently installed snort on a machine to watch my network. I see
23 > that there are several scripts out there that support automatic updating
24 > of the snort ruleset to keep it current. Could anyone recommend a program
25 > for doing that or comment on their experience with them? I'd just like to
26 > have some means of automatically downloading new rules and installing
27 > them. Also, is there an "emerge snortrules" or some similar ebuild that
28 > I've missed?
29 >
30 > Thanks,
31 > Ryan
32 >
33 > --
34 > gentoo-security@g.o mailing list
35 >
36 >
37 >
38
39
40 --
41 gentoo-security@g.o mailing list