Snort mailing list archives
Using Snort with TIS Firewall Software
From: "Chris Shepherd" <chris () shepherds plus com>
Date: Thu, 12 Dec 2002 17:03:11 -0000
Hi I have a customer who is using TIS Firewal software and has had a security audit. the main point raised from the audit was that no firewall log reviewing was done. I believe that all logging from the firewal softawre goes to /var/adm/messages. I found Snort on the web, downloaded it, and, as far as I can see, it will create alert files when breaches of security has been detected - I tried it on unsuccessful logins, bad su password etc. However, I do not know how Snort works in a firewall environment. Can anybody tell me if it will add value to the TIS software or in reality, shold the TIS software be able to be configured to alert when any security breaches have been identified. I look forward to hearing your responses. Regards Chris Shepherd
Current thread:
- Using Snort with TIS Firewall Software Chris Shepherd (Dec 12)