RE: SNORT + Win32

• Previous message: Kevin Johnson: "BASE development list public"
• Maybe in reply to: just1coder: "SNORT + Win32"
• Next in thread: Martin Roesch: "Re: SNORT + Win32"
• Reply: Martin Roesch: "Re: SNORT + Win32"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 2 May 2005 08:04:23 -0500
To: "just1coder" <just1coder@yahoo.ca>, <focus-ids@securityfocus.com>

For monitoring I use BASE http://secureideas.sourceforge.net/ it is based on the ACID code but is so much nice and faster -----Original Message----- From: just1coder [mailto:just1coder@yahoo.ca] Sent: Friday, April 29, 2005 10:17 AM To: focus-ids@securityfocus.com Subject: SNORT + Win32 Hi, I'm using SNORT and Win32 - so far so good. Are there any tools available commercial or otherwise for monitoring the logs and building reports? Thanks ------------------------------------------------------------------------ -- Stop hurting your network! The NeVO passive vulnerability sensor continuously finds vulnerabilities, applications and new hosts without the need for network scanning. It also finds compromised systems with application-based intrusion detection. Go to http://www.tenablesecurity.com/products/nevo.shtml to learn more. ------------------------------------------------------------------------ -- ----------------------------------------- Disclaimer: This electronic message, including any attachments, is confidential and intended solely for use of the intended recipient(s). This message may contain information that is privileged or otherwise protected from disclosure by applicable law. Any unauthorized disclosure, dissemination, use or reproduction is strictly prohibited. If you have received this message in error, please delete it and notify the sender immediately.

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------

• Previous message: Kevin Johnson: "BASE development list public"
• Maybe in reply to: just1coder: "SNORT + Win32"
• Next in thread: Martin Roesch: "Re: SNORT + Win32"
• Reply: Martin Roesch: "Re: SNORT + Win32"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Info HIDS ... Snort will provide the kind of monitoring you are asking about. ... be configured to monitor an entire network, and output logs in tcp dump, ... >configure an HIDS (tripwire) to get intrusion's information about a Web ... (Security-Basics) Re: Network Traffic Analyzer Recommendations? ... Also available for use with snort are various plugins which enable you ... If you're just after a basic bandwidth monitoring tool, ... worse than using the built-in Windows performance monitoring tools - ... (microsoft.public.windows.server.networking) Re: Snort Monitoring ... can you use SNMP? ... I would think you are looking at monitoring of alerts and not the snort ... Subject: Snort Monitoring ... He makes progress only when he sticks his neck out. ... (Focus-IDS) RE: Snort Monitoring ... is very easily to use and there are numerous walkthroughs / howtos available ... > I am looking for something that will provide monitoring of snort for me. ... (Focus-IDS) .NET performance components? ... Is anybody aware of any .NET components for monitoring the ... like those available for Win32 and written ... in Delphi, such as Colin Wilson's NT components, Alexey Dynnikov's ... and Prof's Performance Monitoring components? ... (borland.public.delphi.non-technical)