Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 14 November 2024, 08:48:00 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14255 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Development
| |-+  Contribute Your Customisations & Modifications
| | |-+  Update custom Snort rules from snort.org
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Update custom Snort rules from snort.org  (Read 35763 times)
xxxx
Jr. Member
*
Offline Offline

Posts: 9


« on: Monday 14 June 2010, 09:22:30 am »

I used the Snort rules from emergingthreads.net and as custom rules the rules from snort.org to update the custom rules we make two scripts one for the Subscription Release one for the Registered-user release. Save the right script open the file write by xxxxxxxxxxxxxxxxxxxxx your Oinkcode between the " safe the file as "update_snort.sh". Copy the saved file to /etc/ make chmod 744 and a crontab entry or create a symlink to the script in /etc/cron.daily/ or /etc/cron.hourly/ or /etc/cron.weekly/
Logged
vondie
Full Member
***
Offline Offline

Posts: 22


« Reply #1 on: Tuesday 10 August 2010, 01:28:02 am »

Good stuff...

To make it work please change the following lines which contain:

snort_rule="http://dl.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz"
snort_md5="http://dl.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz.md5"


to

snort_rule="http://www.snort.org/pub-bin/oinkmaster.cgi/$my_oinkcode/snortrules-snapshot-2853.tar.gz"
snort_md5="http://www.snort.org/pub-bin/oinkmaster.cgi/$my_oinkcode/snortrules-snapshot-2853.tar.gz.md5"
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 17 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com