Hi,
I am trying to run Bro v.9a8 on RedHat Enterprise Linux 4.
I have had to modify a few things to get this to run properly, and I'm not
certain everything is working. Does anyone have instructions for
installing bro on RedHat? Or should I just use FreeBSD instead?
Also, I am trying to use newer Snort signatures but am not sure just how
to do so. I had to grab snort2bro from bro v.8a88, since I didn't find
the script in v.9a8. I was able to create a converted file of signatures,
but I'm not sure what to do with it, or how to get it loaded. My questions
are:
1) should this be named *.sig or *.bro
2) where should the file be placed? /usr/local/bro/site/ ?
3) what do I modify (and how) so that these signatures are loaded/used?
Any help would be greatly appreciated.
Thanks!
Joncarlo Ruggieri
University of CA, Davis
Data Center & Client Services
530-752-3963
jruggieri@ucdavis.edu