Snort mailing list archives
RE: Snort + acid + mysql
From: Michael Miller <michael.miller () state co us>
Date: Fri, 2 Apr 2004 12:18:20 -0700
I've had some success with 'IDS policy manager'. It runs on Windows, and cannot run with emulation under linux, but it still might be something you should look at. http://www.activeworx.com/idspm/ <http://www.activeworx.com/idspm/> Further, there's also SnortCenter, but I haven't get it fully running, and IDS policy manager does most of what I want. http://users.pandora.be/larc/ <http://users.pandora.be/larc/> _____ From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Nils Fragoso Sent: Friday, April 02, 2004 10:38 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Snort + acid + mysql Hi Guys, I've setup Snort, PHP, Apache, Mysql and Acid on a Linux (RH 9.0). I've followed an installation manual wrote by Patrick Harper, that I found on www.internetsecurityguru.com <http://www.internetsecurityguru.com/> , which, by the way, is a very good guide. Snort is running fine and I'm able to get the "bad" packets. But now I need to update the rules, what is the best way to do this? And how can I do this? How about to use Snort to stop the attacks? Is any way it can do this? I'm not a Linux "super user", so please send me detailed instructions, if you want to help me. Thanks in advance. Nils
Current thread:
- Snort + acid + mysql Nils Fragoso (Apr 02)
- Re: Snort + acid + mysql Patrick S. Harper - CISSP RHCT MCSE (Apr 06)
- <Possible follow-ups>
- RE: Snort + acid + mysql Michael Miller (Apr 02)
- RE: Snort + acid + mysql Noble, Kevin (Apr 02)