Snort mailing list archives
Re: Cert Advisory and now no SNMP traps. (Absent jusqu'au 29/07/2002)
From: "Pascal Painparay" <pascal.painparay () tdf fr>
Date: Mon, 21 Apr 2003 15:43:39 +0200
Je suis absent jusqu'au 21/04/03 inclus. En cas d'urgence, Vous pouvez contacter : Christophe Savin au 01 49 15 32 75. Cdt Pascal Painparay
snort-users 04/21/03 15:18 >>>
"larosa, vjay" <larosa_vjay () emc com> writes:
Well I have to say this sucks. Now those of us that rely on SNMP traps are forced to upgrade to snort 2.0 and will lose our NMS integrations.
SNMPTrap was removed because it was easier to throw away functionality than to verify it's string handling operations. I don't know of an exact vulnerability You have 2 choices: 1) Merge in snmptrap from 1.9 ( pretty easy task ) This is entirely unsupported. 2) Switch to a different output mechanism like syslog.
Anyway, I am going to write a program to select events of interest from A Mysql database and will send SNMP traps to the NMS on behalf of snort.
If you are going to do this, I'd recommend you instead write a plugin for barnyard. -- Chris Green <cmg () sourcefire com> I've had a perfectly wonderful evening. But this wasn't it. -- Groucho Marx ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Cert Advisory and now no SNMP traps. (Absent jusqu'au 29/07/2002) Pascal Painparay (Apr 21)