Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: stripped-down snort/mysql for newbie

From: twig les <twigles () yahoo com>
Date: Fri, 26 Jul 2002 09:38:36 -0700 (PDT)
Since we don't have a whole lotta alerts we just use
syslog and it saves us a buncha headaches.  Now we can
sift thru Cisco and Sun logs, then cd over the snort
directory.  Simple (but won't scale well).

--- Erek Adams <erek () theadamsfamily net> wrote:

On Thu, 25 Jul 2002, joe van wrote:


Hello, all.  I got the IDS R&D project at work and

I figured that the pig

was just as good as any commercial distribution

w/o having to spend 20

large.

I'm trying to get Snort installed/configured on a

pair of pc's running RH

7.2 Linux.  Now, I know there is an installation

guide for RH 7.2 in the

Snort docs, but I think it might be getting in the

way of my basic

understanding of what Snort does.  I just wanna

set up the sensor on one

machine, the mysql db on the other, and that's it.

I'd love to add in some of the other bells n'

whistles ...later.  Now I just

wanna see how the basic product works w/o the

Acid, webmin, apache, and so

on.

Is there a doc for such a stripped-down install,

or can I merely disregard

all the references to the other goodies in the

doc?

Joe,

      If you aren't using a 'frontend' like ACID, the
mysql might be a bit
of overkill.  Esp. if you're just doing testing. 
You might want to consider
just installing snort and checking out the log files
instead of logging to a
db.  I'm just a big fan of the Keep it Simple
school.  :)

      Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net





-------------------------------------------------------

This sf.net email is sponsored by: Jabber - The
world's fastest growing 
real-time communications platform! Don't just IM.
Build it in! 
http://www.jabber.com/osdn/xim
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:


https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:


http://www.geocrawler.com/redir-sf.php3?list=snort-users


=====
-----------------------------------------------------------
All warfare is based on deception.
-----------------------------------------------------------

__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: