snortconfig

snortconfig is a rules modification system for snort that is generated from a configuration file. This allows a user to keep their ruleset updated without too much of a headache. Configuration is done using a basic INI style configuration.

snortconfig supports three methods of configuration of rules. The methods are specifing what rules to apply changes to. These methods are files, sids, and classifications. This allows make broad changes to snort rules very quickly.

LICENSE
EXAMPLE.config An example for normal users
HONEYNET.config - An example for honeynet users
snortconfig.8 - snortconfig manual

NOTE

snortconfig is an executable provided by a Snort parsing module that I am maintaining. It is installed with the distribution of Net::Snort::Parser.

CVS

http://cvs.shmoo.com/view/projects/snort-config/

Download

Net-Snort-Parser-1.44.tar.gz

Latest Changes

Verify relative options are not used on location keywords (http_uri, http_cookie, etc)
Add support for CVS, DCERPC2, and TOS keywords

Brian Caswell

Pedantic & Academic

snortconfig

NOTE

CVS

Download

Latest Changes