IDS mailing list archives
Re: Snort Monitoring
From: "Scott M. Algatt" <turtle () turtleshell net>
Date: Tue, 29 Oct 2002 10:33:02 -0500 (EST)
All, Thanks for the reponses! Let me start by better explaining my current setup and then list the different suggested packages. I wanted to just send a blanket statement because I should be able to customize my setup in order to accomodate the package of my dreams :) Anyways, I am already running ACID. We have about 80+ sensors running and they all report to our centralized ACID database using an stunnel'd connection. This is the best thing since sliced bread as far as I am concerned. We are able to view lots of traffic and what not. The only problem is that with 80+ sensors there is no way to tell if a sensor is not sending me information. I was only looking for something to accomplish the piece of notification of online/offline status. After all of the responses my brain began to spiral out of control from the possibilities of all the different software out there. There are about five pieces of software that were suggested. Nagios www.nagios.com Snortcenter users.pandora.be/larc Demarc PureSecure www.demarc.com Big Brother www.bb4.org StillSecure Border Guard www.stillsecure.com I am currently toying with snortcenter for a number of reasons, free, integrates with ACID, and I think it fits the bill. Again thanks to everyone! Regards, Scott M. Algatt Behold the turtle. He makes progress only when he sticks his neck out.
Current thread:
- Snort Monitoring Scott M. Algatt (Oct 28)
- Re: Snort Monitoring Larc (Oct 28)
- Re: Snort Monitoring Tony Scalzitti (Oct 28)
- Re: Snort Monitoring Benjamin Keller (Oct 28)
- Re: Snort Monitoring Tony Scalzitti (Oct 29)
- Re: Snort Monitoring Todd Holloway (Oct 28)
- Re: Snort Monitoring Scott M. Algatt (Oct 29)
- Re: Snort Monitoring Krzysztof Przepiorka (Oct 30)
- Re: Snort Monitoring Scott M. Algatt (Oct 29)
- RE: Snort Monitoring Ghaith Nasrawi (Oct 28)
- <Possible follow-ups>
- RE: Snort Monitoring Chris Fairbourne (Oct 28)
- Re: Snort Monitoring Jérôme Tytgat (Oct 30)
- RE: Snort Monitoring Alan Shimel (Oct 28)