[Honeywall] Snort updates

Nelson Williams ngamazo at segurmatica.cu
Wed Jun 27 15:27:41 EDT 2007



The honeywall is updating snort rules using Oinkmaster. But the Oinkmaster
by default don't update the sidmap file for snort, so new update rules will
not be named (displayed as "unknown signature") in the walleye interface.

The script "hwruleupdate" should need to run the following command after
update the snort rules:


create-sidmap.pl /etc/snort/rules/ > /etc/snort/sid-msg.map




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20070627/f32ee774/attachment.html

More information about the Honeywall mailing list