Tuesday, December 6, 2011

VRT Snort.conf example files

Earlier today a Snort community member was asking where the most current snort.conf example files are that we (the VRT) use to test our rules with.

As the snort.conf that is contained inside the etc/ directory of the Snort tarball is a snapshot in time (at the time of the tarball release), it's necessary to occasionally update the snort.conf in order to take advantage of updated settings for the preprocessors and include new rule files.

So, in order to provide the latest functionality for all our users, the snort.conf files that are contained within the subscriber tarball are now listed http://www.snort.org/vrt/snort-conf-configurations/ here.

Also, we've included the automatically generated gen-msg.map and sid-msg.map file so that people may use those as well if you don't use a tool like PulledPork to automatically generate these files.

To stay current on the discussions surrounding all things Snort, we recommend you subscribe to the Snort Mailing lists found here: http://www.snort.org/community/mailing-lists

In order to subscribe now to the VRT's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at http://www.snort.org/store. Make sure and stay up to date to catch the most emerging threats!

1 comment:

  1. That is a great snorting post! Loos like these updates will help a lot. Thanks for that

    ReplyDelete