RE: Snort Monitoring

From: Brennen Reynolds (bereynolds@ucdavis.edu)
Date: 10/29/02

Previous message: Todd Holloway: "Re: Snort Monitoring"
In reply to: Scott M. Algatt: "Snort Monitoring"
Next in thread: Chris Fairbourne: "RE: Snort Monitoring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Brennen Reynolds" <bereynolds@ucdavis.edu>
To: "Scott M. Algatt" <salgatt@turtleshell.net>, <focus-ids@securityfocus.com>
Date: Mon, 28 Oct 2002 15:49:00 -0800

Scott,

I would suggest you check out ACID (Analysis Console for Intrusion
Databases) at http://www.andrew.cmu.edu/~rdanyliw/snort/snortacid.html. It
is very easily to use and there are numerous walkthroughs / howtos available
that describe how to set it up (check the Setup Guide section of
http://www.snort.org/docs/). Hope that helps.

Brennen Reynolds
Off-Piste Consulting, LLC

> -----Original Message-----
> From: Scott M. Algatt [mailto:salgatt@turtleshell.net]
> Sent: Monday, October 28, 2002 5:47 AM
> To: focus-ids@securityfocus.com
> Subject: Snort Monitoring
>
>
> All,
>
> I am looking for something that will provide monitoring of snort for me.
> I have several remote installs of Snort 1.9 and need to find a way to
> monitor them to make sure they are operational.
>
>
> Regards,
>
> Scott M. Algatt
>
> Behold the turtle. He makes progress only when he sticks his neck out.

Previous message: Todd Holloway: "Re: Snort Monitoring"
In reply to: Scott M. Algatt: "Snort Monitoring"
Next in thread: Chris Fairbourne: "RE: Snort Monitoring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: SNORT + Win32
... For monitoring I use BASE http://secureideas.sourceforge.net/ it is based on the ACID code but is so much nice and faster ... I'm using SNORT and Win32 - so far so good. ... Any unauthorized disclosure, dissemination, use or reproduction is strictly prohibited. ...
(Focus-IDS)
Re: Info HIDS
... Snort will provide the kind of monitoring you are asking about. ... be configured to monitor an entire network, and output logs in tcp dump, ... >configure an HIDS (tripwire) to get intrusion's information about a Web ...
(Security-Basics)
Re: Network Traffic Analyzer Recommendations?
... Also available for use with snort are various plugins which enable you ... If you're just after a basic bandwidth monitoring tool, ... worse than using the built-in Windows performance monitoring tools - ...
(microsoft.public.windows.server.networking)
Re: Snort Monitoring
... can you use SNMP? ... I would think you are looking at monitoring of alerts and not the snort ... Subject: Snort Monitoring ... He makes progress only when he sticks his neck out. ...
(Focus-IDS)
Re: Any Good Intrusion detection Software?
... Snort is the best, ... There are many HOWTOs available for Snort on Windows - try, for example, ... I'm also not sure if it is compatable with Windows ... Any MVP out there who might help. ...
(microsoft.public.security)