[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Snort as IDS/IPS in mission-critical enterprisenetwork

To: pmelson@xxxxxxxxx
Subject: Re: [Full-disclosure] Snort as IDS/IPS in mission-critical enterprisenetwork
From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
Date: Fri, 09 Dec 2005 14:28:48 -0500

You, too, can be replaced by a small shell script. :)


Add the -T switch to your shellscript and test *before* you HUP snort.

I was just telling the cautionary tale of interrupting snort, since it's so easy to mess up rules by inserting a blankline between or carrige return in the middle of them.

~Mike.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- RE: [Full-disclosure] Snort as IDS/IPS in mission-critical enterprisenetwork
  - From: Paul Melson

Prev by Date: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Next by Date: [Full-disclosure] [TKPN2005-12-001] Multiple critical vulnerabilities in MyBB
Previous by thread: RE: [Full-disclosure] Snort as IDS/IPS in mission-critical enterprisenetwork
Next by thread: Re: [Full-disclosure] Snort as IDS/IPS in mission-critical enterprise network
Index(es):
- Date
- Thread