[Honeywall] Snort updates

Nelson Williams ngamazo at segurmatica.cu
Wed Jun 27 15:27:41 EDT 2007


Hello 

 

The honeywall is updating snort rules using Oinkmaster. But the Oinkmaster
by default don't update the sidmap file for snort, so new update rules will
not be named (displayed as "unknown signature") in the walleye interface.

The script "hwruleupdate" should need to run the following command after
update the snort rules:

 

create-sidmap.pl /etc/snort/rules/ > /etc/snort/sid-msg.map

 

Brgds.

nelson

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20070627/f32ee774/attachment.html


More information about the Honeywall mailing list