Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort Rules and category questions

    pfSense Packages
    1
    1
    1039
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      RubenMuradyan
      last edited by

      Hi there, ppl!
      I have 2 questions, which are perhaps stupid, but I hadn't found answers yet.
      1. Shall I use EmergingThreats rules as an addition to VRT rules, or as a substitution to VRT rules?
      The main idea is to minimize memory foortprint of Snort processes.
      2. Is there (and if it exists, where) a thorough documentation about categories of rules for both VRT and Emerging threats?
      There is some small piece of doc in EmergingThreats Wiki (http://doc.emergingthreats.net/bin/view/Main/EmergingFAQ), but I wanted to get more deep look on those categories. I understand, that the best way is to analyze rules one by one, but it will take weeks, which I don't have.

      Thank in advance.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post