oinkmaster for Debian --------------------- There is currently no automatic mechanism in place to update the Snort signatures through Cron. If you wish to enable such a mechanism you'll have to write it yourself. Note that oinkmaster will not auto-detect the Snort version you are using, since Snort rules do not specify the version you should be careful and review which ruleset is being downloaded before activating such a task. The default configuration for oinkmaster uses the latests Snort Debian release available. The default Debian configuration only allows root to download the rulesets by using /var/run/oinkmaster and restricting permissions in that directory. $TMP or /tmp are not used in order to avoid symlink attacks. It also avoids the use of external binaries so that system() calls are also avoided, you will need to install some additional Perl libraries (included in the following packages: libio-zlib-perl, libwww-perl, libarchive-tar-perl) -- Javier Fernandez-Sanguino Pen~a , Mon, 13 Sep 2004 16:15:26 +0200