O'Reilly logo

Intrusion Detection Systems with Snort: Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID by Rafeeq Ur Rehman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

3.9. Automatically Updating Snort Rules

There are multiple tools available to update Snort signatures. When using any of these tools you must be careful because you may accidentally modify or delete your customized rules. I shall discuss two methods of updating rules.

3.9.1. The Simple Method

This method consists of a simple shell script. It requires that you have wget program installed on your system. The wget program is used to retrieve any file using HTTP protocol. In essence, it is just like a web browser, but it retrieves one file from a command line argument.

 #!/bin/sh # Place of storing your Snort rules. Change these variables # according to your installation. RULESDIR=/etc/snort RULESDIRBAK=/etc/snort/bak # Path to wget program. Modify ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required