Snort mailing list archives
Re: Snort alerts to SNMP
From: "Rafeeq Rehman" <rr () argusnetsec com>
Date: Wed, 21 May 2003 22:15:03 -0400
Depends upon the environment. Usually goal of monitoring the business production systems is to keep an eye on things which are critical to routine business operation (databases, routers etc.). As a matter of principle, monitoring of security devices should be separate from monitoring of, for example, an oracle server. Other opinions are welcomed. ----- Original Message ----- From: "Roy S. Rapoport" <snort-users () ols inorganic org> To: <snort-users () lists sourceforge net> Sent: Wednesday, May 21, 2003 9:26 PM Subject: Re: [Snort-users] Snort alerts to SNMP
On Wed, May 21, 2003 at 09:00:52PM -0400, Rafeeq Rehman wrote:I don't have experience with Nagios but it works very well with HP
OpenView
(I tested with Network Node Manager). Yes, you can do some trend
analysis
based upon traps/alerts. However, I don't recommend to merge Snort data
with
any production network monitoring system. False alarms do occur which
may
panic operators in production environment.I'm not sure I understand -- if you're using Snort as an IDS (Intrusion Detection System) shouldn't you be panicing, or at least responding vigorously, in the case of an alarm? -roy
------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort alerts to SNMP Paul . Fiero (May 21)
- Re: Snort alerts to SNMP Rafeeq Rehman (May 21)
- Re: Snort alerts to SNMP Roy S. Rapoport (May 21)
- Re: Snort alerts to SNMP Rafeeq Rehman (May 21)
- Re: Snort alerts to SNMP Roy S. Rapoport (May 21)
- Re: Snort alerts to SNMP Rafeeq Rehman (May 21)