The tool you are looking for is called Oinkmaster
(
http://oinkmaster.sourceforge.net/)
Best regards
Michael Boman
On Mon, Jun 30, 2008 at 3:07 AM, newsecurityguy <
JBASKEW@...> wrote:
>
> I know this is not really the place for this question but I have had no luck
> elsewhere. Currently, snort is set to update to the newest rule set on a
> daily basis, which is what I want. However, I also need to suppress some
> SIDS, which I have always done by editing the snort.conf file. When the
> updates occur, it appears as if snort.conf is overwritten with a new
> version, as the changes I make to the file do not last more than 24 hours
> before disappearing out of the snort.conf. Am I correct in assuming this is
> what is occurring? Is there any other way to easily suppress events without
> having to edit the file after each update?
> --
> View this message in context:
http://www.nabble.com/snort--updates-and-changes-to-snort.conf-tp18187204p18187204.html> Sent from the Security Basics mailing list archive at Nabble.com.
>
>
--
http://michaelboman.org - Security Blog & Wiki
Custom Laptop Skins @
http://michaelboman.org/wiki/index.php?title=Custom_Laptop_SkinsJoin the Singapore Security Meetup Group @
http://security.meetup.com/77/
