Educause Security Discussion mailing list archives

Re: Snort Reporting


From: "Hammond, Stanley" <shammond () CAPECOD EDU>
Date: Mon, 27 Apr 2009 10:41:49 -0400

We configured the IDS.  Unless there is a need for the extra modules that are commercially available from Prelude Technologies, the free libraries and prelude manager should be able to provide some of the reporting features needed.

---

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Leon DuPree
Sent: Friday, April 24, 2009 6:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Snort Reporting

Snort is open source. "Free"?  Did you configure the IDS or someone else?
 
On Fri, Apr 24, 2009 at 7:56 AM, Hammond, Stanley <shammond () capecod edu> wrote:
We use Snort with Prelude IDS (http://www.prelude-ids.com)
Snort needs to be (re)compiled with the Prelude library, and the Prelude manager can email notifications based on different triggers.
 
Stan Hammond
Information Security Specialist
Cape Cod Community College
West Barnstable, MA
 
 
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A.
Sent: Thursday, April 23, 2009 4:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Snort Reporting
 
We have deployed Snort configured to use MySQL through Barnyard with BASE as the reporting tool.  We are looking for an open source utility to monitor the database and generate email notifications on certain triggers like filter name, classification or SID.  Does anyone have suggestions?
 
Thank you.
 
Ronald King
Security Engineer
Norfolk State University
Marie V. McDemmond Center for Applied Research 
Suite 401 
700 Park Ave.
Norfolk, Virginia  23504
Phone:  757-823-3918
Email: raking () nsu edu
http://security.nsu.edu
 
-- 
EIM Consulting 
PO Box 320822
Flint Township, MI 48532
Leon DuPree B.S MBA
Chief Security Consultant
Phone: 810-569-6427
Fax: 270- 447-3872
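---

Added example, not part of the thread or of any project named in it: one way to do the database polling asked about in the original question, matching new events on signature name, classification or rule SID and building a digest e-mail. It assumes the Snort database schema tables `event`, `signature` and `sig_class`; an in-memory sqlite3 database with constructed rows stands in for MySQL, and the function names and addresses are hypothetical.

```python
import sqlite3
from email.message import EmailMessage

def sample_db():
    """Constructed rows in the assumed Snort schema; sqlite3 stands in for MySQL."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
      CREATE TABLE sig_class(sig_class_id INTEGER, sig_class_name TEXT);
      CREATE TABLE signature(sig_id INTEGER, sig_name TEXT, sig_class_id INTEGER, sig_sid INTEGER);
      CREATE TABLE event(sid INTEGER, cid INTEGER, signature INTEGER, timestamp TEXT);
      INSERT INTO sig_class VALUES (1,'trojan-activity'),(2,'misc-activity');
      INSERT INTO signature VALUES (10,'CONSTRUCTED ping sweep',2,1000001),
        (11,'CONSTRUCTED backdoor beacon',1,1000002),(12,'CONSTRUCTED worm scan',2,1000003);
      INSERT INTO event VALUES (1,1,10,'2009-04-23 16:00:00'),(1,2,11,'2009-04-23 16:01:00'),
        (1,3,12,'2009-04-23 16:02:00'),(1,4,10,'2009-04-23 16:03:00');
    """)
    return db

def find_alerts(db, sensor, last_cid, names=(), classes=(), sids=()):
    """Events on one sensor newer than last_cid (the high-water mark) matching any trigger."""
    clauses, params = [], [sensor, last_cid]   # '?' placeholders; MySQL drivers use %s
    for n in names:                            # substring match on the signature name
        clauses.append("s.sig_name LIKE ?")
        params.append(f"%{n}%")
    for col, vals in (("c.sig_class_name", classes), ("s.sig_sid", sids)):
        if vals:
            clauses.append(f"{col} IN ({','.join('?' * len(vals))})")
            params.extend(vals)
    if not clauses:                            # no triggers configured: alert on nothing
        return []
    sql = f"""SELECT e.cid, e.timestamp, s.sig_sid, s.sig_name, c.sig_class_name
              FROM event e JOIN signature s ON s.sig_id = e.signature
              LEFT JOIN sig_class c ON c.sig_class_id = s.sig_class_id
              WHERE e.sid = ? AND e.cid > ? AND ({' OR '.join(clauses)})
              ORDER BY e.cid"""
    return db.execute(sql, params).fetchall()

def build_email(alerts, sender, recipient):
    """One digest message per poll; None when nothing matched."""
    if not alerts:
        return None
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = f"Snort: {len(alerts)} matching alert(s)"
    msg.set_content("\n".join(f"{ts} cid={cid} sid={sid} [{cls}] {name}"
                              for cid, ts, sid, name, cls in alerts))
    return msg  # deliver with smtplib.SMTP(host).send_message(msg)

if __name__ == "__main__":
    print(build_email(find_alerts(sample_db(), 1, 0, classes=["trojan-activity"]), "ids@example.edu", "soc@example.edu"))
```

After each poll, store the largest `cid` returned per sensor and pass it as `last_cid` next time so an event is reported only once.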
