I have completed the 0.1 Beta 2 of Baconator and believe it to be fairly stable and user friendly! Please give it a roll (it's not in a tarball yet, so you will have to check it out as noted below) and let me know if you experience any issues or have any updates / features that you would like to see.The timeline:
Release 0.1:(This is complete)
- First Beta Release
- Downloads latest rules file
- Verifies MD5 of local rules file
- If MD5 has not changed from snort.org.. doesn't fetch files again
- handle both rules and so_rules
- Capability to generate stub files
Release 0.2:(I have started to work on this piece, probably finished in a few more weeks)
- Rule modification, i.e. disabling of specific rules within rule sets
- Capability to compile so_rules from source
- Outputs changes in rules files if any rules have been added / modified
- Compares new rules files with current rule sets
- Option to use Emerging-Threats rules in addition to snort.org rules
- Option to define custom URL to fetch rules tarballs from
- Automated retrieval of certain variables (Distro, Snort Version.. etc)
http://code.google.com/p/baconator/
Cheers,
JJC
No comments:
Post a Comment