Automatically Updating Snort Rules
121
    
tar  zxf snortrules.tar.gz
rm  f snortrules.tar.gz
# Make a backup copy of existing rules
mv $RULESDIR/*.rules $RULESDIRBAK
# Copy new rules to the location
mv /tmp/rules/*.rules $RULESDIR
Let us explore how this script works. The following lines simply set some vari 
ables.
RULESDIR=/etc/snort
RULESDIRBAK=/etc/snort/bak
WGETPATH=/usr/bin
RULESURI=http://www.snort.org/downloads/snortrules.tar.gz
The following three lines are used to go to /tmp directory, remove any existing
directory /tmp/rules and download the snortrules.tar.gz file from the URI
specified by the $RULESURI variable.
cd /tmp
rm  rf rules
$WGETPATH/wget $RULESURI
After downloading, you extract the rules files from snortrules.tar.gz file
and then delete it using the following two lines. The files extracted are placed in  /
tmp/rules directory. 
tar  zxf snortrules.tar.gz
rm  f snortrules.tar.gz
The following line makes a backup copy of existing rules files, just in case you
need the old copy later on.
mv $RULESDIR/*.rules $RULESDIRBAK
The last line in the script moves new rules from /tmp/rules directory to the
actual rules directory /etc/snort where Snort can read them.
mv /tmp/rules/*.rules $RULESDIR
Make sure to restart Snort after running this script. If you have a start script like
the one described in Chapter 2, you can add a line at the end of the shell script to restart
Snort.
/etc/init.d/snortd restart
You may also restart Snort using the command line.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

toronto web hosting

 

Our partners: PHP: Hypertext Preprocessor Cheap Web Hosting JSP Web Hosting Ontario Web Hosting  Jsp Web Hosting

Cheapest Web Hosting Java Hosting Cheapest Hosting

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved