Tutorials creation:
Blaise Carrera
SNORT_INLINE - The Easy Tutorial - The Bleeding Snort Rules

Snort_Inline Bleeding Rules
Last Change: Apr 23 2007




THE BLEEDING SNORT RULES

You can use another set of rules for Snort_Inline, made by a free and dynamic community:
http://www.bleedingsnort.com
Unlike the Snort rules made by Sourcefire, these rules are available for free immediately after their release.

Another piece of good news is that you can use the Oinkmaster Perl script to download and update the bleeding rules.

Open /etc/oinkmaster.conf and add the following line to update the rules:

url = http://www.bleedingsnort.com/bleeding.rules.tar.gz

We then need to add the following lines inside /etc/snort_inline/snort_inline.conf:

include $RULE_PATH/bleeding.rules
include $RULE_PATH/bleeding-attack_response.rules
include $RULE_PATH/bleeding-dos.rules
include $RULE_PATH/bleeding-drop.rules
include $RULE_PATH/bleeding-dshield.rules
include $RULE_PATH/bleeding-exploit.rules
include $RULE_PATH/bleeding-game.rules
include $RULE_PATH/bleeding-inappropriate.rules
include $RULE_PATH/bleeding-malware.rules
include $RULE_PATH/bleeding-p2p.rules
include $RULE_PATH/bleeding-scan.rules
include $RULE_PATH/bleeding-web.rules

These lines indicate which rule files will be used. If you add a "#" at the beginning of a line, the corresponding rules will not be used.

Running the oinkmaster script will download the bleeding rules and tell you if there is a problem:

# su oinkmaster
# oinkmaster -o /etc/snort_inline/rules -b /etc/snort_inline/backup 2>&1
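
After an update it is worth checking that every rule file still enabled in snort_inline.conf was actually delivered to the rules directory. The script below is an added example, not part of the original tutorial: the function names list_includes and missing_rules are hypothetical, and the configuration and rules directory it checks are a constructed sample in a temporary directory.

```shell
#!/bin/sh
# list_includes CONF: print "enabled NAME" or "disabled NAME" for every
# $RULE_PATH include line; a leading "#" marks the line as disabled.
list_includes() {
    sed -n \
        -e 's|^[[:space:]]*include[[:space:]]\{1,\}\$RULE_PATH/\([^[:space:]]*\).*$|enabled \1|p' \
        -e 's|^[[:space:]]*#[[:space:]]*include[[:space:]]\{1,\}\$RULE_PATH/\([^[:space:]]*\).*$|disabled \1|p' \
        "$1"
}

# missing_rules CONF RULES_DIR: print each enabled rule file that is absent
# or empty in RULES_DIR; return non-zero if at least one is missing.
missing_rules() {
    rc=0
    for name in $(list_includes "$1" | sed -n 's/^enabled //p'); do
        if [ ! -s "$2/$name" ]; then
            echo "$name"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: three of the includes shown above, one commented out,
# and a rules directory that contains only bleeding.rules.
demo_dir=$(mktemp -d)
cat > "$demo_dir/snort_inline.conf" <<'EOF'
include $RULE_PATH/bleeding.rules
#include $RULE_PATH/bleeding-game.rules
include $RULE_PATH/bleeding-web.rules
EOF
mkdir "$demo_dir/rules"
echo '# constructed placeholder rule file' > "$demo_dir/rules/bleeding.rules"

echo "Include status:"
list_includes "$demo_dir/snort_inline.conf"
echo "Enabled but missing:"
missing_rules "$demo_dir/snort_inline.conf" "$demo_dir/rules" ||
    echo "(fix the includes or re-run oinkmaster before starting Snort_Inline)"
```

On a real system, call missing_rules with /etc/snort_inline/snort_inline.conf and /etc/snort_inline/rules, the paths used in this tutorial.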




