Re: alert file

[Zachary Uram <yoda () orion netrek org>]

On Thu, 2002-10-24 at 02:58, Alberto Gonzalez wrote:
> Ok, not to be harsh, but you SOUND really new.

Hi Alberto,

Well I am really new to this :)

> 1. Learn everything you can about snort, its functions, option and plugins
>         - I recommend reading the Snort Users Manual[1]

Ok.

> 2. Familarize yourself with TCP/IP
>         - I recommend reading "TCP/IP Illustrated Vol 1" By R. Stevens

Will check ebay for this.

> 3. If snort gives you an alert, it also gives you a "reference", go read 
> about that specific attack.

Will do.

> 4. Use google. (this is your best friend).

Heh.

> And to your question, access_log is pertaining to apache. I suggest also 
> reading about what your using. Looks to me
> your just running default installs of things.

Yah some things are pretty much default installs.

> I see you mentioned debian, im almost positive you used its package 
> system. Try grabbing the lastest stable[2]

I am running the latest Debian unstable release.

> or grabbing it via snapshots/ directory. Rolling Your Own is the best 
> method for a new snort user.

Ok. Hope it will compile ok :)

> And read my signature(below) and apply that to _EVERYTHING_ ;-)

Heh.

Zach



-------------------------------------------------------
This sf.net email is sponsored by: Influence the future 
of Java(TM) technology. Join the Java Community 
Process(SM) (JCP(SM)) program now. 
http://ad.doubleclick.net/clk;4729346;7592162;s?http://www.sun.com/javavote
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users