RE: snort software: BASE SUGGESTION

I think this may be a good idea for BASE..  Create some links in the
conf there...  So you can call the rule.. And display it..  That'd be
neat.

J

-----Original Message-----
From: snort-sigs-admin@xxxxxxxxxxxxxxxxxxxxx
[mailto:snort-sigs-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of
twebster@xxxxxxxxxxx
Sent: Thursday, October 14, 2004 12:03 PM
To: Naveen Kumar Akkugari
Cc: 'snort-sigs@xxxxxxxxxxxxxxxxxxxxx'
Subject: RE: [Snort-sigs] snort software


Naveen,

Acid is only a viewer for the IDS events, you can not configure any IDS
rules with ACID.  All rules are configured via the rules files in the
snort configuration directory.  Please take a look at your snort.conf
file for the location of your rules files.  Typically they are found in
/etc/snort/rules.

The SNORT FAQ and Snort Manual will give you more detailed info on
Snort. Please READ both.

If you need further assistance please provide me with a more complete
and detailed description of the problem you are having with your rules.

thanks and have a good day,

Tony




 

             Naveen Kumar

             Akkugari

             <nakkugar@innova.
To 
             stph.net>                 "'twebster@xxxxxxxxxxx'"

                                       <twebster@xxxxxxxxxxx>

             10/14/2004 09:49
cc 
             AM
"'snort-sigs@xxxxxxxxxxxxxxxxxxxxx' 
                                       "

 
<snort-sigs@xxxxxxxxxxxxxxxxxxxxx>  
 
Subject 
                                       RE: [Snort-sigs] snort software

 

 

 

 

 

 





Hi,


Thanks for your reply.
I am able to analysis the traffic using
http://localhost/console/acid_main.php. But I am not able to configure
rules through. Please help me to resolve this.

Regards,
Naveen
 -----Original Message-----
From:              twebster@xxxxxxxxxxx [mailto:twebster@xxxxxxxxxxx]
Sent:        Thursday, October 14, 2004 8:48 PM
To:          Naveen Kumar Akkugari
Cc:          'snort-sigs@xxxxxxxxxxxxxxxxxxxxx'
Subject:           Re: [Snort-sigs] snort software

Naveen,

This mailing list is for development and support on snort ids
signatures. To get started with Snort please visit the following.

http://www.snort.org

Snort.org provides excellent documentation on installation and
configuration of Snort IDS.

Also, the Snort-Users mailing list may help you answer any further
questions about Snort. http://www.snort.org/lists.html

Tony

snort-sigs-admin@xxxxxxxxxxxxxxxxxxxxx wrote on 10/13/2004 04:23:06 AM:

> Hi,
>
> I am Naveen Kumar from Innova Solutions from Hyderabad, India. I want 
> to evaluate snort IDS software. I want to please let me know the path 
> for software. I am looking for detection and prevention.  Please help 
> me
ASAP.
>
>
> Regards,
> Naveen
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: IT Product Guide on 
> ITManagersJournal Use IT products in your business? Tell us what you 
> think of them. Give us Your Opinions, Get Free ThinkGeek Gift 
> Certificates! Click to find out
more
> http://productguide.itmanagersjournal.com/guidepromo.tmpl
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs@xxxxxxxxxxxxxxxxxxxxx 
> https://lists.sourceforge.net/lists/listinfo/snort-sigs






-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give
us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find
out more http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-sigs mailing list
Snort-sigs@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/snort-sigs


-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl