From 3d8eb3866f3780397b5965f1ccca40490384d2f8 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 13 Jun 2012 07:07:35 +0000 Subject: This is not a playground!!! Revert "snort-dev2, add updated snort.conf for 2.9.2.3" This reverts commit bc2c451e729f31303e687605af16dce80185a646. --- .../bin/oinkmaster_contrib/README.contrib | 84 ---------------------- 1 file changed, 84 deletions(-) delete mode 100644 config/snort-dev2/bin/oinkmaster_contrib/README.contrib (limited to 'config/snort-dev2/bin/oinkmaster_contrib/README.contrib') diff --git a/config/snort-dev2/bin/oinkmaster_contrib/README.contrib b/config/snort-dev2/bin/oinkmaster_contrib/README.contrib deleted file mode 100644 index 6923fa26..00000000 --- a/config/snort-dev2/bin/oinkmaster_contrib/README.contrib +++ /dev/null @@ -1,84 +0,0 @@ -# $Id: README.contrib,v 1.21 2005/10/18 10:41:20 andreas_o Exp $ # - -------------------------------------------------------------------------------- -* oinkgui.pl by Andreas Östling - - A graphical front-end to Oinkmaster written in Perl/Tk. - See README.gui for complete documentation. -------------------------------------------------------------------------------- - - - -------------------------------------------------------------------------------- -* addsid.pl by Andreas Östling - - A script that parses *.rules in all specified directories and adds a - SID to (active) rules that don't have any. (Actually, rev and classtype - are also added if missing, unless you edit addsid.pl and tune this.) The - script first looks for the current highest SID (even in inactive rules) - and starts at the next one, unless this value is below MIN_SID (defined - inside addsid.pl). By default, this value is set to 1000001 since this - is the lowest SID assigned for local usage. Handles multi-line rules. -------------------------------------------------------------------------------- - - - -------------------------------------------------------------------------------- -* create-sidmap.pl by Andreas Östling - - A script that parses all active rules in *.rules in all specified - directories and creates a SID map. (Like Snort's regen-sidmap, but this - one handles multi-line rules.) Result goes to standard output which can - be redirected to a sid-msg.map file. -------------------------------------------------------------------------------- - - - -------------------------------------------------------------------------------- -* makesidex.pl, originally by Jerry Applebaum but later rewritten by - Andreas Östling to handle multi-line rules and - multiple rules directories. - - It reads *.rules in all specified directories, looks for all disabled - rules and prints a "disablesid # " line for each disabled rule. - The output can be appended to oinkmaster.conf. - Useful to new Oinkmaster users. -------------------------------------------------------------------------------- - - - -------------------------------------------------------------------------------- -* addmsg.pl by Andreas Östling : - - A script that will parse your oinkmaster.conf for - localsid/enablesid/disablesid lines and add their rule message as a #comment. - If your oinkmaster.conf looks like this before addmsg.pl has been run: - - disablesid 286 - disablesid 287 - disablesid 288 - - It will look something like this afterward: - - disablesid 286 # POP3 EXPLOIT x86 bsd overflow - disablesid 287 # POP3 EXPLOIT x86 bsd overflow - disablesid 288 # POP3 EXPLOIT x86 linux overflow - - addmsg.pl will not touch lines that already has a comment in them. - It's not able to handle SID lists when written like this: - disablesid 1,2,3, ... - But it should handle them if written like this: - disablesid \ - 1, \ - 2, \ - 3 - - The new config file will be printed to standard output, so you - probably want to redirect the output to a file, for example: - - ./addmsg.pl oinkmaster.conf rules/ > oinkmaster.conf.new - - If oinkmaster.conf.new looks ok, simply rename it to oinkmaster.conf. - Do NOT redirect to the same file you read from, as this will destroy - that file. -------------------------------------------------------------------------------- -- cgit v1.2.3