Snort mailing list archives
[Snort-Users] new to snort and intrusion detection
From: "Jonathan Jesse" <jjesse () ftpb com>
Date: Thu, 8 May 2003 13:47:29 -0400
First of all a little introduction.... I started working at my current location a little over 6 months ago as a full-time computer support person. The place I work at is under 150 employees and before I can on staff there was no computer support or network administration. Every small problem or upgrade was taken care of by an outside consulting firm; including every day normal helpdesk requests, password resets, printer jams, etc. So in August of 2001, I was hired as a full time helpdesk/network admin position. Now, my boss (who is pretty IT savvy, just not very current on things) and I are trying to get the company set with a solid foundation and then move on to their. Also part of the foundation is in response to the auditors, got to love them. So to make a long story short, I am somewhat knowledgeable in Linux, having attained my Linux + certification from CompTIA, and my boss went to a user group meeting for our core banking system where a guest speaker spoke about Intrusion Detection and mentioned Snort. My boss asked if I knew anything about snort and could show it to him. Today I followed the guide "Enterprise Snort" by Steven Scott and have it up and running on a Red Hat 7.3 system with MySql and Acid and everything running. What I'm looking for is some help on how to learn how to use snort to its fullest, any sources/documentation to the best use out of it? Sorry about the long email Jonathan Jesse Network Specialist Founders Trust Bank This page and any accompanying documents contain confidential information intended for a specific individual and purpose. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
Current thread:
- [Snort-Users] new to snort and intrusion detection Jonathan Jesse (May 08)
- Re: [Snort-Users] new to snort and intrusion detection Michael Boman (May 08)
- <Possible follow-ups>
- RE: [Snort-Users] new to snort and intrusion detection L. Christopher Luther (May 08)
- RE: [Snort-Users] new to snort and intrusion detection Cloppert, Michael (May 09)