Snort mailing list archives

Snort capabilities

From: Marnus Marx <Marnus.Marx () m-1 co uk>
Date: Wed, 24 Mar 2004 13:23:09 -0000

Hi All

 

I am looking to set up a IDS system, and I am considering snort as one of
the apps... My question is this: Can snort do all of the following, and if
not, can I have some guidelines to something that might be able to:

 


1

Scan system for file changes (integrity check)

 


2

Scan system for unexpected activety (network)

 


3

Scan system for unwanted users

 


4

Scan sytsem for unwanted software (placed, installed or running)

 


5

Capture data of unwanted users for logging

 


6

Capture data of unwanted software for logging

 


7

Track source of unexpected activety and log it.

 


8

Track source of unwanted users and log it.

 


9

Block unwanted users.

 


10

Block and remove unwanted software.

 


11

Create a report of all actions taken

 

 

 

I appretiate your time and responses.

 

Kind regards

 

Marnus Marx

Senior SIIMS Support/SA

Maintenance One Services Ltd.
2 Cofferidge Close, Stony Stratford,
Milton Keynes, Bucks MK11 1BY 
Tel: +44 1908 635400 Fax: +44 1908 635477

Current thread:

Snort capabilities Marnus Marx (Mar 25)
- Re: Snort capabilities AJ Butcher, Information Systems and Computing (Mar 26)