Snort mailing list archives

RE: Snort + acid + mysql

From: Michael Miller <michael.miller () state co us>
Date: Fri, 2 Apr 2004 12:18:20 -0700

I've had some success with 'IDS policy manager'. It runs on Windows, and
cannot run with emulation under linux, but it still might be something you
should look at. http://www.activeworx.com/idspm/
<http://www.activeworx.com/idspm/>  

 

Further, there's also SnortCenter, but I haven't get it fully running, and
IDS policy manager does most of what I want. http://users.pandora.be/larc/
<http://users.pandora.be/larc/>  

 

  _____  

From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Nils Fragoso
Sent: Friday, April 02, 2004 10:38 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort + acid + mysql

 

Hi Guys,

 

I've setup Snort, PHP, Apache, Mysql and Acid  on a Linux (RH 9.0). I've
followed an installation manual wrote by Patrick Harper, that I found on
www.internetsecurityguru.com <http://www.internetsecurityguru.com/> , which,
by the way, is a very good guide.  Snort is running fine and I'm able to get
the "bad" packets.

But now I need to update the rules, what is the best way to do this? And how
can I do this?

How about to use Snort to stop the attacks? Is any way it can do this?

I'm not a Linux "super user", so please send me detailed instructions, if
you want to help me.

Thanks in advance.

 

Nils

Current thread:

Snort + acid + mysql Nils Fragoso (Apr 02)
- Re: Snort + acid + mysql Patrick S. Harper - CISSP RHCT MCSE (Apr 06)
- <Possible follow-ups>
- RE: Snort + acid + mysql Michael Miller (Apr 02)
- RE: Snort + acid + mysql Noble, Kevin (Apr 02)