Educause Security Discussion mailing list archives

Re: Snort Reporting

From: Leon DuPree <duprleo () GMAIL COM>
Date: Fri, 24 Apr 2009 17:59:55 -0400

Snort is open source. "Free"?  Did you configure the IDS or someone else?





On Fri, Apr 24, 2009 at 7:56 AM, Hammond, Stanley <shammond () capecod edu>wrote:

 We use Snort with Prelude IDS (http://www.prelude-ids.com)

Snort needs to be (re)compiled with the Prelude library, and the Prelude
manager can email notifications based on different triggers.



Stan Hammond

Information Security Specialist

Cape Cod Community College

West Barnstable, MA





*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *King, Ronald A.
*Sent:* Thursday, April 23, 2009 4:25 PM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Snort Reporting



We have deployed Snort configured to use MySQL through Barnyard with BASE
as the reporting tool.  We are looking for an open source utility to monitor
the database and generate email notifications on certain triggers like
filter name, classification or SID.  Does anyone have suggestions?



Thank you.



*Ronald King*

*Security Engineer*

*Norfolk State University*

*Marie V. McDemmond Center for Applied Research *

*Suite 401 *

*700 Park Ave.*

*Norfolk, Virginia  23504*

*Phone:  757-823-3918*

*Email: raking () nsu edu*

*http://security.nsu.edu*




--
EIM Consulting
PO Box 320822
Flint Township, MI 48532
Leon DuPree B.S MBA
Chief Security Consultant
Phone: 810-569-6427
Fax: 270- 447-3872

Current thread:

Snort Reporting King, Ronald A. (Apr 23)
- <Possible follow-ups>
- Re: Snort Reporting Hammond, Stanley (Apr 24)
- Re: Snort Reporting Leon DuPree (Apr 24)
- Re: Snort Reporting Hammond, Stanley (Apr 27)
- Re: Snort Reporting Leon DuPree (Apr 27)
- Re: Snort Reporting Leon DuPree (Apr 27)
- Re: Snort Reporting King, Ronald A. (Apr 28)
- Re: Snort Reporting Leon DuPree (Apr 28)