[Mageia-dev] [changelog] [RPM] cauldron core/release snort-2.9.4-1.mga3
Guillaume Rousse
guillomovitch at gmail.com
Tue Dec 4 09:30:59 CET 2012
Le 04/12/2012 03:12, dlucio a écrit :
> Description :
> Snort is a libpcap-based packet sniffer/logger which can be used as a
> lightweight network intrusion detection system. It features rules based logging
> and can perform protocol analysis, content searching/matching and can be used
> to detect a variety of attacks and probes, such as buffer overflows, stealth
> port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
> Snort has a real-time alerting capabilty, with alerts being sent to syslog, a
> separate "alert" file, or as a WinPopup message via Samba's smbclient
This is perfectly enough as package description. Everything else is
package usage documentation, and should go elsewhere, such as a
README.mga file.
> This rpm is different from previous rpms
Which ones ?
> and while it will not clobber
> your current snort file, you will need to modify it.
As for every other package.
> There are 9 different packages available
>
> All of them require the base snort rpm. Additionally, you will need
> to chose a binary to install.
>
> /usr/sbin/snort should end up being a symlink to a binary in one of
> the following configurations. We use update-alternatives for this.
> Here are the different packages along with their priorities.
>
> plain(10) plain+flexresp(11) mysql(12)
> mysql+flexresp(13) postgresql(14) postgresql+flexresp(15)
> bloat(16) inline(17) inline+flexresp(18)
> prelude(19) prelude+flexresp(20)
The day you'll modify those priorities, you'll have to modify those
values too.
> Please see the documentation in /usr/share/doc/snort
As for every other package.
--
BOFH excuse #388:
Bad user karma.
More information about the Mageia-dev
mailing list