Hi,
Ya, you are telling right. I am behinf a proxy, but I have configured the proxy settings in the config.php in /var/www/html/snortcenter directory.
I have defined the proxy path as:
$proxy = " ipaddress:port";
When I click on the view rules, then there is no rules in it. Also when I select the sensor in place of default sensor.
As you are saying that it may be possible that there is no update for this time, but is not so because there is no rule in the rule base.
Now can you tell me, how can I get out from this.
Thanks in advance.
Regards,
           Atul Shrivastava
 
 Larc <larcpandora.be> wrote:Hi, When you install a new agent, you have to activate the rules that you want to use for that 'sensor scope' and then push the configuration to the sensor. If you get " No update this time " in the management console, that is because there are no changes in the snortrules-stable rules from the snort website or if you are behind a proxy server, you didn't enter the right proxy server in the 'config.php' file Regards,Stefan Dens----- Original Message ----- From: Atul Shrivastava To: Jens Krabbenhoeft ; snort-userslists.sourceforge.net Sent: Saturday, November 09, 2002 9:28 AMSubject: Re: [Snort-users] Rule update with snortcenter

Hi,
When I have done a fresh installation of snort center agent and then click on the UPDATE from the Internet then it displays that " No update this time " while I am updating it for the first time.
Also when I check the snort configuration file then there is no rule in it.
Can anyone tell me the solution.
Thanks in advance.
Regards,
               Atul Shrivastava

 Jens Krabbenhoeft <tschenz-snort-usersnoris.net> wrote: Michael,

> Why Snortcenter doesn't recognize that there are rules more up to date
> on www.snort.org?

The way snortcenter checks for new signatures is as follows:

* a known signature has a known revision - if that revision increases,
it says "rule has updated"
* if it finds an unknown sid, it says "rule added"

Apparently the snortrules-stable file has no new rules since 2002/10/31:

> grep "\$Id" * | grep "2002/11"
> grep "\$Id" * | grep "2002/10"
policy.rules:# $Id: policy.rules,v 1.25.2.1 2002/10/18 15:24:20 andrewbaker Exp $
> grep "\$Id" * | grep "2002/09"
attack-responses.rules:# $Id: attack-responses.rules,v 1.16 2002/09/18 12:52:31 cazz Exp $
experimental.rules:# $Id: experimental.rules,v 1.64 2002/09/17 18:38:10 roesch Exp $

There are new rules in cvs HEAD, which work with cvs HEAD only. These
are al so in the http://www.snort.org/dl/rules/snortrules-current.tar.gz
file.

Hth,
jens

-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

---------------------------------
Do you Yahoo!?
U2 on LAUNCH - Exclusive medley & videos from Greatest Hits CD

---------------------------------
Do you Yahoo!?
U2 on LAUNCH - Exclusive medley & videos from Greatest Hits CD

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]