snort-users May 2009 archive
Main Archive Page > Month Archives  > snort-users archives
snort-users: Re: [Snort-users] Rule Update Issue

Re: [Snort-users] Rule Update Issue

From: JJ Cummings <cummingsj_at_nospam>
Date: Tue May 12 2009 - 15:09:58 GMT
To: Jeff Dell <jdell@activeworx.com>


s/chron/cron/

On Tue, May 12, 2009 at 8:54 AM, JJ Cummings <cummingsj@gmail.com> wrote:

> Just what Jeff said but I have included the links to some tools that may
> assist you.
>
> Depending on your needs, there are a few tools out there that will handle
> this automatically (if scheduled in chron or as a scheduled task) Of course
> I have not personally tried either on windows, but assuming that you have a
> perl interpreter running properly and the apt libs should be just fine.
>
> Oinkmaster: http://oinkmaster.sourceforge.net/
> Baconator: http://code.google.com/p/baconator/
>
> JJC
>
>
> On Tue, May 12, 2009 at 8:29 AM, Jeff Dell <jdell@activeworx.com> wrote:
>
>> IDS Policy Manager does not auto-update rules. You will need to update
>> them
>> manually.
>>
>> Cheers,
>> Jeff
>>
>> -----Original Message-----
>> From: sachin kokcha [mailto:sachin.kokcha@ril.com]
>> Sent: Tuesday, May 12, 2009 9:21 AM
>> To: snort-users@lists.sourceforge.net
>> Cc: Ramamohan Vatyam
>> Subject: [Snort-users] Rule Update Issue
>>
>> Dear Snort Gurus',
>>
>> The problem we are facing is like we till date not getting automatic
>> updates of the rules on our Snort IDS Box. Most of the time we perform
>> update task manually only.
>>
>> Our Configuration :
>> OS : *Windows Server 2003*
>> Snort Version : *2_8_3_1_Installer*
>> IDS Policy Manager Version :* 2.2*
>>
>>
>> Policy Manager Setting Misc' Settings:
>> Oink Code :*451f07091a2ca19772f322800ca1351fcef7e12a*
>> Check for updates :*Weekly*
>> Backup Database :*Weekly*
>> Policy Cache Timeout :*24 Hours *
>> Remove Old Rule : *Check box checked*
>> Proxy setting also properly configured in IDS Policy Manager.
>>
>> Can somebody help us on this issue.
>>
>> Thanks in advance
>> Sachin Kokcha
>> "Confidentiality Warning: This message and any attachments are intended
>> only
>> for the use of the intended recipient(s).
>> are confidential. and may be privileged. If you are not the intended
>> recipient. you are hereby notified that any
>> review. re-transmission. conversion to hard copy. copying. circulation or
>> other use of this message and any attachments is
>> strictly prohibited. If you are not the intended recipient. please notify
>> the sender immediately by return email.
>> and delete this message and any attachments from your system.
>>
>> Virus Warning: Although the company has taken reasonable precautions to
>> ensure no viruses are present in this email.
>> The company cannot accept responsibility for any loss or damage arising
>> from
>> the use of this email or attachment."
>>
>>
>>
>> ----------------------------------------------------------------------------
>> --
>> The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
>> production scanning environment may not be a perfect world - but thanks to
>> Kodak, there's a perfect scanner to get the job done! With the NEW KODAK
>> i700
>> Series Scanner you'll get full speed at 300 dpi even with all image
>> processing features enabled. http://p.sf.net/sfu/kodak-com
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users@lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users>list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>>
>>
>> ------------------------------------------------------------------------------
>> The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
>> production scanning environment may not be a perfect world - but thanks to
>> Kodak, there's a perfect scanner to get the job done! With the NEW KODAK
>> i700
>> Series Scanner you'll get full speed at 300 dpi even with all image
>> processing features enabled. http://p.sf.net/sfu/kodak-com
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users@lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users>list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>
>
>
>



The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com



Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users