acid emailing problem help

["Michael Scheidell" <scheidell () fdma com>]

> Date: Wed, 5 Dec 2001 18:33:00 -0600
> From: "Ronneil Camara" <ronneilc () remingtonltd com>
> To: <snort-users () lists sourceforge net>
> Subject: [Snort-users] acid emailing problem help
>
> Help again,
>
> How would I setup acid so that when it sees an attack, it's gonna email
> me? I have already created an AG group, and selected Email alerts full,
> and on the space, I wrote my email address. But it doesn't mail me.

You have to manually email it to you (ie, there is no background task that
monitors/emails)

You have options:
A) modify (replace with perl/shell script?) smblclient so it emails you
instead of smb popups.
B) use swatch. or other logger program to watch log and email you
C) write a barnyard plugin ot do same
D) ask me for patches to snort 1.8.1-2 (not tried on 1.8.3) that add
smb_alert plugin.
--

Michael Scheidell
Florida Datamation, Inc. Internet Security
scheidell () fdma com 1+(561) 368-9561
See updated IT Security News at http://www.fdma.com/
After system Compromise : http://www.cert.org/tech_tips/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users