|
Title: Update custom Snort rules from snort.org Post by: xxxx on Monday 14 June 2010, 09:22:30 am I used the Snort rules from emergingthreads.net and as custom rules the rules from snort.org to update the custom rules we make two scripts one for the Subscription Release one for the Registered-user release. Save the right script open the file write by xxxxxxxxxxxxxxxxxxxxx your Oinkcode between the " safe the file as "update_snort.sh". Copy the saved file to /etc/ make chmod 744 and a crontab entry or create a symlink to the script in /etc/cron.daily/ or /etc/cron.hourly/ or /etc/cron.weekly/
Title: Re: Update custom Snort rules from snort.org Post by: vondie on Tuesday 10 August 2010, 01:28:02 am Good stuff...
To make it work please change the following lines which contain: snort_rule="http://dl.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz" snort_md5="http://dl.snort.org/reg-rules/snortrules-snapshot-2853.tar.gz.md5" to snort_rule="http://www.snort.org/pub-bin/oinkmaster.cgi/$my_oinkcode/snortrules-snapshot-2853.tar.gz" snort_md5="http://www.snort.org/pub-bin/oinkmaster.cgi/$my_oinkcode/snortrules-snapshot-2853.tar.gz.md5" |