Snort mailing list archives

Previous By Date Next
Previous By Thread Next

AW: Snort x Dragon Integration?

From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Mon, 25 Aug 2003 10:13:20 +0200
I tried it sometime ago with Dragon 5 and Snort snmp plugin, but the results
were not what I expected. AFAIR there where problems to differentiate the
OIDs in Dragon to have Dragon report on each specific Snort rule.

If you plan to work on it I could send you a small script to convert Snort
rules (pre 2.0) to Dragon rules if I can find it again ;)

As of Dragon 6 I think it should be possible to write an own Dragon plugin
for Snort (using the newly introduced Dragon API for development) but never
tried it though.

So long,
Sandro


Hello Everyone,

Has anyone tried to integrate Dragon and Snort?

What I mean by integration is having Snort detect events, send 
them to Dragon (SNMP?) and have Dragon take action?

I thought about that possibility and I wondered if anyone had tried.

Thanks for any opinions,

Bernardo Santos Wernesback
bernardo -= at =- ish.com.br


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single 
machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell 
virtual machines at the same time. Free trial click 
here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: 
https://lists.sourceforge.net/lists/listinfo/sn>ort-users

Snort-users list archive: 
http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: