Snort mailing list archives
Re: snort & acid how-to
From: Arvind Clemente <arvind () controlnet co in>
Date: Thu, 22 Nov 2001 10:40:34 +0530
Hi Brent I have preapered a how to in PDF format explaining configuration of snort +ACID +mysql on REDHAT 6.2. The procedure for installing on FBSD will be same. Regarding Placement of your snort box, place it on the outside, otherwise you will not know the originating ipaddresses. but make sure the box is totally secured. I have explained to secure the box in the same pdf. In my setup i have placed one sensors outside the firewall and one on dmz zone. and they report alets to a central console. The External sensors is physically placed on the switch whose port is a spanning port of the router. For any clarifications you get get in touch with me Thanks and Rgds Arvind Clemente Brent wrote:
i installed snort 1.7 on my FBSD machine...seems to be running ..however ...in the snort.conf ...i had it ( for the moment ) log to syslog...question 1 is ....how do i OR is there a good "how-to " on getting snort to work with mysql ...and acid ? question 2 is ...I have it running on the INSIDE interface ( the box is doing NAT) should i be running it on the inside or outside interface ??any and all help is GREATLY appreciated. :-) thanx Brent
Attachment:
snort_imp_guide.pdf
Description:
Current thread:
- snort & acid how-to Brent (Nov 21)
- Re: snort & acid how-to Arvind Clemente (Nov 21)
- <Possible follow-ups>
- RE: snort & acid how-to Steve Halligan (Nov 21)