Barnyard2 と BASE のインストールも含まれている Ubuntu 12.04 に Snort をインストールするように構成しました。Snort の Web サイトでダウンロード可能なルールを使用していますが、oinkcode.
しかし、/etc/snort/rulesすべてのルールがあるディレクトリに抽出したルールを調査した後、それらのルールはすべて空です。ルールの 1 つを次に示します。
# Copyright 2001-2013 Sourcefire, Inc. All Rights Reserved.
#
# This file contains (i) proprietary rules that were created, tested and certified by
# Sourcefire, Inc. (the "VRT Certified Rules") that are distributed under the VRT
# Certified Rules License Agreement (v 2.0), and (ii) rules that were created by
# Sourcefire and other third parties (the "GPL Rules") that are distributed under the
# GNU General Public License (GPL), v2.
#
# The VRT Certified Rules are owned by Sourcefire, Inc. The GPL Rules were created
# by Sourcefire and other third parties. The GPL Rules created by Sourcefire are
# owned by Sourcefire, Inc., and the GPL Rules not created by Sourcefire are owned by
# their respective creators. Please see http://www.snort.org/snort/snort-team/ for a
# list of third party owners and their respective copyrights.
#
# In order to determine what rules are VRT Certified Rules or GPL Rules, please refer
# to the VRT Certified Rules License Agreement (v2.0).
#
#------------
# SCAN RULES
#------------
これらのルールの何が問題なのかを指摘してくれる人はいますか? snortrules-snapshot-2970.tar.gzを使用した oinccode をダウンロードしましたsnort-2.9.7.0。解決策はありますか?必要に応じて、snort 構成ファイル (snort.conf) も投稿できますが、投稿で短くする方法がわかりません。