Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] snort -T output

from [hallian hallian] Network Security [Permanent Link]
Subject: Re: [Snort-users] snort -T output
Date: Mon, 25 Oct 2004 08:08:26 -0600 
thanks Alex.................

thats what I was looking for.......... appreciate your help......

hallian

From: "Alex Butcher, ISC/ISYS" <Alex.Butcher@bristol.ac.uk>
To: hallian hallian <hallian@hotmail.com>, snort-users@lists.sourceforge.net
Subject: Re: [Snort-users] snort -T output
Date: Mon, 25 Oct 2004 15:06:25 +0100



--On 25 October 2004 07:25 -0600 hallian hallian <hallian@hotmail.com> wrote:

When I update my rules I run snort -T to verify all my rules are GOOD.
But there is no way for me to automate this process so that I can read
the ERROR message to STDOUT to a file.   If the   snort -T does return
ERROR then I want to reverse back to old rules.

HOw can I feedin the output from snort -T or snort -c
/etc/snort/snort.conf -v to STD OUTPUT to a file.

What do you need to do with the output from Snort, that can't be done by checking the return code:

snort >snort.out 2>&1 -T -c /etc/snort/snort.conf
if [ $? -eq 0 ]; then
       echo "rules OK"
       ...
else
       echo "rules broken"
       cat <snort.out
       ...
fi

Any ideas....
thanks
hallian


Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9






-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-users] snort -T output, Alex Butcher, ISC/ISYS
Next by Date:  [Snort-users] Danny Li/AP/NSC is out of the office., Danny Li
Previous by Thread:  RE: [Snort-users] snort -T output, Shawn Kottke
Next by Thread:  [Snort-users] Instructions on Snort as Win2k Service?, Aaron Davies
Indexes:  [Date] [Thread] [Top] [All Lists]