Snort mailing list archives
Re: Snort from a live Distro, rolling logs? No internal storage...
From: Kevin Johnson <kjohnson () secureideas net>
Date: Sat, 23 Oct 2004 13:56:57 -0400
On Fri, 2004-10-22 at 08:15, Jason Humes wrote:
> Hi
>
> So I've been given a pretty beefy server (with no internal storage) and was wondering if there is a live linux distro with snort and acid and mysql all ready to go (I know that phlak has snort, but I'm not sure about the acid mysql part).
>
> Also, is there any way to have snort use some sort of rolling log file (we've got 512MB of RAM and would like to use that for logging).
>
> Thanks for any help or ideas.
>
> --
> Jason

Hi-

I would recommend the Network Security Toolkit ( http://nst.sourceforge.net/nst/ ). It includes Snort, MySQL and ACID (BASE in the next version). It sounds like it would meet your needs perfectly.

Kevin
-------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
The next step in IDS analysis!