Snort mailing list archives
FW: Hello test
From: "Tony Reusser" <treusser () filertel com>
Date: Mon, 15 Oct 2012 08:40:48 -0600
Follow up...

Just to make sure you are clear... It seems you are in the same position I was in a few months ago. If you/your company can afford the very excellent SANS SEC503 class, I highly recommend it. I didn't mean to offer a "no help" simplistic answer. But in my experience setting up a functioning NIDS system using open-source tools like CentOS and Snort is a very good economical decision. But coming from someone with no prior experience with IDS's in general, and a fairly good grasp of Linux admin (i.e. NOT a programmer/developer) setting up my system wasn't exactly a trivial exercise. But I struggled and with the assistance of mail lists like this and all the available documentation, I did it. You can too.

To summarize, if you want to use a tool like BASE, you need a few other things first. First of all, follow the requirements on the snort website:

http://www.snort.org/start/requirements

The Barnyard2 piece is critical. Then you will need MySQL for the database part. Barnyard takes the 'unified' output from Snort and populates the database. Then a PHP web tool like BASE reads the database and presents a basic, but useful management and analysis interface.

Here is a link to a document that was immensely helpful to me. I had trouble getting the 'ntop' tool to work, but I really didn't need it and I don't miss it.

http://www.internetsecurityguru.com/documents/Snort_Base_Barnyard_CentOS_5.pdf

Others in this mail list have been very helpful to me as I learn this stuff. I thought I'd return the favor.

Have fun snorting!
-Tony Reusser

-----Original Message-----
From: kevin zhang [mailto:kevin35zhang () gmail com]
Sent: Monday, October 15, 2012 12:29 AM
To: Joel Esler
Cc: snort-users
Subject: Re: [Snort-users] Hello test

hello all

I will install snort system in company. I have used VirtualBox test it successful in sniffer mode.
But we need run it in IDS mode. I don't know how to configure it. I search solution use Google but no result.
Can you give me a little hyperlink? I need a graphics website monitor.
Please tell me how to study it.
Tks very much

OS: CentOS 6.3 x64
Snort: 2.9.3.1

2012/10/12, Joel Esler <jesler () sourcefire com>:
It works.

On Oct 12, 2012, at 3:05 AM, kevin zhang <kevin35zhang () gmail com> wrote:

hello boys and girls, i am kevin, new comer test

--
Best wishes
Kevin Zhang

------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
--
Best wishes
Kevin Zhang
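
The pipeline described in the reply above (Snort writes unified output, Barnyard2 loads it into MySQL, BASE reads the database), as an added configuration sketch that is not part of the original thread. File paths, the interface name, the sensor hostname, the database name, user and password are placeholders chosen for illustration.

```conf
# --- /etc/snort/snort.conf (excerpt; path is an assumption) ---
# Snort only writes binary unified2 records to its log directory;
# it does not talk to the database itself.
output unified2: filename merged.log, limit 128

# --- /etc/snort/barnyard2.conf (excerpt; path is an assumption) ---
# Map files let Barnyard2 turn generator/signature ids into readable names.
config reference_file:      /etc/snort/reference.config
config classification_file: /etc/snort/classification.config
config gen_file:            /etc/snort/gen-msg.map
config sid_file:            /etc/snort/sid-msg.map

config hostname:   sensor01    # placeholder sensor name shown in BASE
config interface:  eth0        # placeholder sniffing interface

# Bookmark file so Barnyard2 resumes where it stopped after a restart.
config waldo_file: /var/log/snort/barnyard2.waldo

# The MySQL database that BASE is later pointed at.
# This file holds the password in clear text: make it readable only by the
# barnyard2 service account, and grant the 'snort' DB user rights on the
# 'snort' schema only.
output database: log, mysql, user=snort password=CHANGE_ME dbname=snort host=localhost

# --- starting both processes (shell commands, shown as comments) ---
# IDS mode: read the rule configuration and run as a daemon
#   snort -c /etc/snort/snort.conf -i eth0 -D
# Spool reader: watch the log directory for merged.log.* files
#   barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort \
#             -f merged.log -w /var/log/snort/barnyard2.waldo -D
```

If BASE shows no alerts, check first that `merged.log.*` files are growing in the log directory, then that Barnyard2 can log in to MySQL with the configured account.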
Current thread:
- Hello test kevin zhang (Oct 12)
- Re: Hello test Joel Esler (Oct 12)
- Re: Hello test kevin zhang (Oct 14)
- <Possible follow-ups>
- FW: Hello test Tony Reusser (Oct 15)
- FW: Hello test Tony Reusser (Oct 15)
- FW: Hello test Tony Reusser (Oct 15)
- Re: Hello test Joel Esler (Oct 12)