From owner-freebsd-questions  Wed Jan 10  1:10:35 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from obelix.rby.hk-r.se (obelix-140.rby.hk-r.se [194.47.140.4])
	by hub.freebsd.org (Postfix) with ESMTP id 1356537B401
	for <freebsd-questions@freebsd.org>; Wed, 10 Jan 2001 01:10:17 -0800 (PST)
Received: from ogre.rby.hk-r.se (ogre [194.47.134.178])
	by obelix.rby.hk-r.se (8.10.2/8.10.2) with ESMTP id f0A9AE612749;
	Wed, 10 Jan 2001 10:10:15 +0100 (MET)
Received: from localhost (t98pth@localhost)
	by ogre.rby.hk-r.se (8.10.2/8.10.2) with ESMTP id f0A9ABu09474;
	Wed, 10 Jan 2001 10:10:12 +0100 (MET)
Date: Wed, 10 Jan 2001 10:10:11 +0100 (MET)
From: =?ISO-8859-1?Q?P=E4r_Thoren?= <t98pth@student.hk-r.se>
To: Darryl Hoar <darryl@osborne-ind.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: Snort
In-Reply-To: <000701c07a67$034afc80$0701a8c0@ruraltel.net>
Message-ID: <Pine.GSO.4.21.0101101008480.9403-100000@ogre.rby.hk-r.se>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG



http://www.snort.org has a "Rule generator". Also good documentation on
writing your own rules.

/P=E4r


On Tue, 9 Jan 2001, Darryl Hoar wrote:

> Greetings,
> I am running FreeBSD 4.0.  I installed snort from my
> distro cd.  I need a bit of info about snort.  I want to
> use it as the intrusion detection.  Where can I get
> an example set of rules to do this ?
>=20
> thanks for the info,
> Darryl
>=20
>=20
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>=20



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message