Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Managing multiple sensors ?

From: "Alex Butcher, ISC/ISYS" <Alex.Butcher () bristol ac uk>
Date: Thu, 29 Sep 2005 10:10:49 +0100
--On 28 September 2005 21:22 +0200 Alexandre Ahmim-Richard <passe () clope net> wrote: 


There was different talks about that subject before, but what solution
would you choose in order to manage multiple sensors (between 15 and 30) ?

Snortcenter ? Oinkmaster ? others ?
Oinkmaster, plus some shell scripts to implement sensor groups (by using different oinkmaster config files for each group).
I started off with Snortcenter, but I eventually became convinced that it was a bit too much of a toy to be useful with an 'Enterprise NIDS'. Also, it needs work every time Snort adds new keywords to its signature definition language. 

Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: