Snort mailing list archives
Re: Snort to monitor several servers
From: G Ramon Gomez <gene () gomezbrothers com>
Date: Tue, 06 Dec 2005 17:43:33 -0800
With these three items, you should get a combined network and host-based view of the current intrusion status of your network:
* Install Prelude-Manager on a single server, and configure all of your IDS components to report to it.
* Place a NIDS/Snort at any point of ingress/egress to your network.* On UNIX, install Prelude-LML and Samhain on any host that specificly needs to be protected. On Windows, install NTSyslog, and configure it to report back to a system that runs Prelude-LML for log parsing.
- Ramon Jacob Friis Saxberg wrote:
The most important thing for us is to check if someone breaks in and read our sensitive data. What would you recommend for that?
------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort to monitor several servers Jacob Friis Saxberg (Dec 05)
- Re: Snort to monitor several servers G Ramon Gomez (Dec 05)
- Re: Snort to monitor several servers Dominik Schmid (Dec 05)
- Message not available
- Re: Snort to monitor several servers Gene R Gomez (Dec 06)
- Message not available
- Re: Snort to monitor several servers G Ramon Gomez (Dec 06)
- Re: Snort to monitor several servers G Ramon Gomez (Dec 05)