Snort mailing list archives
Alert or log?
From: francisv () dagupan com
Date: Fri, 14 Feb 2003 13:08:59 +0800
Hi, I've been using Snort and ACID for a couple of months now and I have no problems with it so far. A couple of hours ago, I decided to add barnyard to my current setup. What do you suggest that I put on the ACID DB, alert or log? What's the basic difference? Also, I learned that ACID's portscan graph wouldn't work unless you're logging alerts and it also doesn't understand the output from the portscan2 preprocessor. --- francis a. vidal [bitstop network services] | http://www.bnshosting.net streaming media + web hosting | http://www.bitstop.ph v(02)330-2871,(02)330-2872; f(02)330-2873 | http://www.kuro.ph ------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Alert or log? francisv (Feb 13)
- Re: Alert or log? Erek Adams (Feb 13)
- <Possible follow-ups>
- RE: Alert or log? francisv (Feb 13)
- RE: Alert or log? Erek Adams (Feb 14)
- Re: Alert or log? Bamm Visscher (Feb 14)
- Re: Alert or log? Paul B. Poh (Feb 16)
- RE: Alert or log? francisv (Feb 14)
- RE: Alert or log? Erek Adams (Feb 15)