Snort mailing list archives
RE: Snort front ends
From: "Jerry Shenk" <jshenk () decommunications com>
Date: Thu, 13 Jun 2002 10:53:33 -0400
Snortsnarf is what I used before. The main thing I like about having an SQL back end is that low, slow scans might be recognizable and it's possible to keep history around and more available almost indefinitely. -----Original Message----- From: Anthony Scott [mailto:ascott () triadfoodsgroup com] Sent: Thursday, June 13, 2002 10:33 AM To: jas () dect com Subject: RE: [Snort-users] Snort front ends SnortSnarf is nice also... very easy to implement. Works with *nix and Windows. Find it here: http://www.silicondefense.com/software/snortsnarf/index.htm -----Original Message----- From: jas () dect com [mailto:jas () dect com] Sent: Thursday, June 13, 2002 9:05 AM To: Snort-Users@Lists. Sourceforge. Net Subject: RE: [Snort-users] Snort front ends Very cool! That's perfect. That's just about perfect! I only have one sensor box (public (read-only) and private ports). Thanks!! Thanks to Steven Scott for putting the document together! -----Original Message----- From: Kristopher Czachor [mailto:czachor () syrres com] Sent: Thursday, June 13, 2002 9:42 AM To: jas () dect com Subject: RE: [Snort-users] Snort front ends I'm using Snort + MySQL + ACID for monitoring my network and it's pretty straight forward to use and implement. One of the users on this list wrote some nice documentation on how he got the ACID set up and working. You can find the documentation at http://home.earthlink.net/~sjscott007/ . Although I didn't use this documentation, I did look it over and it seemed pretty through. Of course, I'm assuming that you're going to be using the Linux distribution. I'm not using the windows so if you're planning on using that that particular document won't apply. HTH, Kris -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of jas () dect com Sent: Wednesday, June 12, 2002 11:09 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Snort front ends I've gotten seriously out of the loop on Snort for awhile. I use it pretty often but it's installed in the "dump to syslog" mode and then the syslog file is monitored. What's the latest on a web-based front-end? I'm putting a box in place and would like a nice graphical front end. How big a deal is getting Snort and MySQL running? I have 1.8.6 running. _______________________________________________________________ Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users **DISCLAIMER This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business. _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort front ends jas (Jun 13)
- <Possible follow-ups>
- RE: Snort front ends jas (Jun 13)
- RE: Snort front ends Jerry Shenk (Jun 13)
- RE: Snort front ends Jerry Shenk (Jun 13)