OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Phil Wood (cpwlanl.gov)
Date: Tue Jun 05 2001 - 09:44:58 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    On Mon, Jun 04, 2001 at 10:31:52PM +0530, Sid wrote:

    > > Jun 4 14:43:12 e220r trons[10691]: ERROR /sw/trons/conf/vision18.rules(1)
                                                                        ^
    1. use the current version of snort found in cvs.

    > > => Bad Priority setting

    > > "attempted-dos"
    > >
    > > And so on and so forth ....... i think Snort does not recognise the 20
    > > priority-system which whitehats follows.

    2. use the whitehats classification system that can be found
       in vision.conf.

       grep "^config classification" vision.conf > classification.vision

    3. don't use the <group>.rules files. The best way to do this is
       to use vision.conf.

    (Remember, 1.8 is not released, you are treading water with the rest of us)

    > >
    > > Siddhartha
    > > 

    -- 
Phil Wood, cpwlanl.gov

    _______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users