Snort mailing list archives
Re: Intro to Snort
From: Neil Dickey <neil () geol niu edu>
Date: Tue, 1 May 2001 09:15:27 -0500 (CDT)
"Barry Treahy, Jr." <treahy () mmaz com> wrote asking:
Greetings, I'm just joining in and I'm interested in the types of success folks have had using Snort as an IDS. Anyone have a good How-To or FAW on this particular issue?
The best "how-to" is to go to www.snort.org and read the page on "Writing Snort Rules." The link to it is in the left pane. There is also a link page leading to other sites with snort-related material or which have to do with other security issues. I'm relatively new to this forum myself, but in my limited experience "success" hereabouts means that you got it in, operating, and logging the sorts of things that interest you. Essentially all of the list traffic has to do with achieving that happy state. Once arrived at, folks tend to fall silent except when they can help someone else get there too. Snort is an extremely good bit of IDS software, but I can't remember ever seeing a "Whoopeee, I caught the wretch" posting. That seems to be a somewhat personal event -- largely, I expect, because publishing an account of a "successful" use of your IDS system would tell the whole world about your security arrangements in some detail. Best regards, Neil Dickey, Ph.D. Research Associate/Sysop Geology Department Northern Illinois University DeKalb, Illinois 60115 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Intro to Snort Barry Treahy, Jr. (Apr 30)
- Re: Intro to Snort Martin Roesch (May 06)
- <Possible follow-ups>
- Re: Intro to Snort Neil Dickey (May 01)
- Re: Intro to Snort Lance Spitzner (May 01)