Educause Security Discussion mailing list archives
Re: Snort Reporting
From: Leon DuPree <duprleo () GMAIL COM>
Date: Fri, 24 Apr 2009 17:59:55 -0400
Snort is open source. "Free"? Did you configure the IDS or someone else? On Fri, Apr 24, 2009 at 7:56 AM, Hammond, Stanley <shammond () capecod edu>wrote:
We use Snort with Prelude IDS (http://www.prelude-ids.com) Snort needs to be (re)compiled with the Prelude library, and the Prelude manager can email notifications based on different triggers. Stan Hammond Information Security Specialist Cape Cod Community College West Barnstable, MA *From:* The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *King, Ronald A. *Sent:* Thursday, April 23, 2009 4:25 PM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Snort Reporting We have deployed Snort configured to use MySQL through Barnyard with BASE as the reporting tool. We are looking for an open source utility to monitor the database and generate email notifications on certain triggers like filter name, classification or SID. Does anyone have suggestions? Thank you. *Ronald King* *Security Engineer* *Norfolk State University* *Marie V. McDemmond Center for Applied Research * *Suite 401 * *700 Park Ave.* *Norfolk, Virginia 23504* *Phone: 757-823-3918* *Email: raking () nsu edu* *http://security.nsu.edu*
-- EIM Consulting PO Box 320822 Flint Township, MI 48532 Leon DuPree B.S MBA Chief Security Consultant Phone: 810-569-6427 Fax: 270- 447-3872
Current thread:
- Snort Reporting King, Ronald A. (Apr 23)
- <Possible follow-ups>
- Re: Snort Reporting Hammond, Stanley (Apr 24)
- Re: Snort Reporting Leon DuPree (Apr 24)
- Re: Snort Reporting Hammond, Stanley (Apr 27)
- Re: Snort Reporting Leon DuPree (Apr 27)
- Re: Snort Reporting Leon DuPree (Apr 27)
- Re: Snort Reporting King, Ronald A. (Apr 28)
- Re: Snort Reporting Leon DuPree (Apr 28)