[Oisf-users] Oinkmaster vs Pulled Pork
Cooper F. Nelson
cnelson at ucsd.edu
Thu May 15 19:11:12 UTC 2014
I still use oinkmaster; it works well for the most part with the caveat
that I haven't been able to figure out how to get it to ignore rules
that already have a keyword (e.g. "threshold") set. I have to do some
funky post-processing to get around that.
Other than that it does everything I would expect it to.
-Coop
On 5/15/2014 11:46 AM, Brant Wells wrote:
> Hi All,
>
> I am rebuilding my Suricata box once again, and I was just curious if
> everyone is still using oinkmaster for the rule management? I've been
> made aware of some other tools that may also be used, but I figured I'd
> get some input from the community first.
>
> What do you use for rule management? Oinkmaster, PulledPork, or
> something else?
>
> See yas!
> ~Brant Wells
> Network Administrator
> Toccoa Falls College
> 107 Kincaid Drive Toccoa Falls, GA 30598
> 706-886-7299 x5346 * bwells at tfc.edu
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
--
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042