Snort mailing list archives
RE: Alert or log?
From: francisv () dagupan com
Date: Fri, 14 Feb 2003 14:50:32 +0800
Thanks Erek! If I want to use ACID with barnyard and snort, which logging method would be more useful?

-----Original Message-----
From: Erek Adams [mailto:erek () snort org]
Sent: Friday, February 14, 2003 1:16 PM
To: francisv () dagupan com
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Alert or log?

On Fri, 14 Feb 2003 francisv () dagupan com wrote:

[...snip...]
log? What's the basic difference? Also, I learned that ACID's portscan graph wouldn't work unless you're logging alerts and it also doesn't understand the output from the portscan2 preprocessor.

For the definitive answer on "alert vs. log" have a look at this [0] email.

Cheers!

-----
Erek Adams

"When things get weird, the weird turn pro." H.S. Thompson

[0] http://www.theadamsfamily.net/~erek/snort/logging_methods.txt