Snort mailing list archives
Re: Using Snort as IDS + packet logger
From: "Scot Scot" <scotw () hotmail com>
Date: Thu, 16 Oct 2003 01:45:23 -0500
----- Original Message -----
From: "Damiano Bolzoni" <damiano.bolzoni () tin it>
To: <snort-users () lists sourceforge net>
Sent: Wednesday, October 15, 2003 2:10 PM
Subject: [Snort-users] Using Snort as IDS + packet logger

Hi all,
I've just installed Snort on a Windows 2000 server. I want to use its IDS feature but also need to log every packet (I want to make some statistics): shall I write a new rule in order to use IDS rules + logging features? Or can I use a mix of parameters?

Thanx
Damiano

<snip>

If you want to do statistical packet logging I would recommend ntop:
www.ntop.org

Free on the *nix platform (there are rpms for a cake install) and around $50.00 or so (US/Euro) if you want a clean compile for the Windows platform.
http://www.snark.it/ntop/cart.php

Scot Wiedenfeld
Just my 2.0134 cents worth (tax included)