Snort mailing list archives
Re: BASE or Snort Report ???
From: "Garland, Ken R" <garlandkr () gmail com>
Date: Tue, 4 Jan 2011 16:02:19 -0500
Use something else for notification purposes like sec.pl or other notification/monitoring tools. Snorby/BASE are not really meant for that; they are, for lack of a better term, data mining tools. Sure, you can see a live view in Snorby, but if you want to get that close to the metal would you really put yourself in front of a GUI web app with potential delay?

On Tue, Jan 4, 2011 at 3:50 PM, J. L. Cabral <jelocabral () gmail com> wrote:
> Because I see in BASE there is a file called base_conf.php which can be configured with some parameters for sending mail, but I've never understood the functionality because I don't understand how to choose the alerts I need to get... so I suppose it is the same in Snorby, but maybe not....
>
> On Tue, Jan 4, 2011 at 5:40 PM, Joel Esler <jesler () sourcefire com> wrote:
>> (That's three drinks right there.)
>>
>> I don't think Snorby sends alerts by email.
>>
>> Joel
>>
>> On Tue, Jan 4, 2011 at 3:28 PM, J. L. Cabral <jelocabral () gmail com> wrote:
>>> I've read some info about Snorby but I can't see any data about the configuration for sending alerts by email. Is this possible and in this case how should I choose the alerts I need to receive ???
>>>
>>> Thanks again,
>>> JeLo
>>>
>>> On Tue, Jan 4, 2011 at 4:54 PM, Jefferson, Shawn <Shawn.Jefferson () bcferries com> wrote:
>>>> Personally I like BASE (since I have modified it to correlate alerts with my systems management product's view of patches applied to my systems), although Snorby and Snort Report look pretty nice. What language are Snorby and Snort Report written in? PHP?
>>>>
>>>> -----Original Message-----
>>>> From: J. L. Cabral [mailto:jelocabral () gmail com]
>>>> Sent: Tuesday, January 04, 2011 10:52 AM
>>>> To: snort-users () lists sourceforge net
>>>> Subject: [Snort-users] BASE or Snort Report ???
>>>>
>>>> Hi all,
>>>>
>>>> I need a starting point to enter to Snort world, so I think I can use BASE or Snort Report to view the traffic logs. I've used BASE but I'm still fighting with sending alerts by email, I can setup this feature. And also I've seen some snapshots from Snort Report.
>>>>
>>>> What web interface do you recommend to me in order to view and receive critical Snort's alerts by mail ???
>>>>
>>>> Really thanks,
>>>> JeLo
>>
>> --
>> Joel Esler
>> Skype:eslerjoel
>> http://blog.snort.org
------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users