Snort mailing list archives
Re: Centralized DB Server??
From: Andreas Lindenblatt <azrael () solution de>
Date: Wed, 13 Jun 2001 01:20:25 +0200
Hi Marc,
geographical locations. I've been brainstorming this a bit, and it seems that I should be able to easily ignore alerts that are being generated by traffic to the MySQL TCP port. Does this sound like the answer?
It surely is an answer to your initial question :). But I would feel uhm... uncomforatable with an open MySQL-Port to a machine sitting inside our network and collecting lots of 'foreign', unchecked and unencrypted sensor data. Even if it means we don't get 'real-time' data, we fell back to packing and scrambling logs at the snort-boxes and fetching them with scp. Hmmm... what happened to SnortNet? It looked good with snort 1.6 :) -- ---- BYE Andreas _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Centralized DB Server?? Marc Thompson (Jun 11)
- <Possible follow-ups>
- RE: Centralized DB Server?? Kris Quinby (Jun 12)
- RE: Centralized DB Server?? Marc Thompson (Jun 12)
- RE: Centralized DB Server?? patrick.n.fitzgerald.1 (Jun 12)
- RE: Centralized DB Server?? Paulie (Jun 12)
- Re: Centralized DB Server?? Andreas Lindenblatt (Jun 12)
- RE: Centralized DB Server?? patrick.n.fitzgerald.1 (Jun 12)
- RE: Centralized DB Server?? Marc Thompson (Jun 12)
- RE: Centralized DB Server?? Marc Thompson (Jun 12)
- RE: Centralized DB Server?? Chapman, Justin T (Jun 14)
- RE: Centralized DB Server?? Chapman, Justin T (Jun 19)