Snort mailing list archives

Re: Centralized DB Server??

From: Andreas Lindenblatt <azrael () solution de>
Date: Wed, 13 Jun 2001 01:20:25 +0200

Hi Marc,

geographical locations.  I've been brainstorming this a bit, and it seems
that I should be able to easily ignore alerts that are being generated by
traffic to the MySQL TCP port.  Does this sound like the answer?

It surely is an answer to your initial question :).

But I would feel uhm... uncomforatable with an open MySQL-Port to a
machine sitting inside our network and collecting lots of 'foreign',
unchecked and unencrypted sensor data.

Even if it means we don't get 'real-time' data, we fell back to packing
and scrambling logs at the snort-boxes and fetching them with scp. 

Hmmm... what happened to SnortNet? It looked good with snort 1.6 :)

-- 
----
BYE Andreas

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Centralized DB Server?? Marc Thompson (Jun 11)
- <Possible follow-ups>
- RE: Centralized DB Server?? Kris Quinby (Jun 12)
- RE: Centralized DB Server?? Marc Thompson (Jun 12)
  - RE: Centralized DB Server?? patrick.n.fitzgerald.1 (Jun 12)
    - RE: Centralized DB Server?? Paulie (Jun 12)
  - Re: Centralized DB Server?? Andreas Lindenblatt (Jun 12)
- RE: Centralized DB Server?? Marc Thompson (Jun 12)
- RE: Centralized DB Server?? Marc Thompson (Jun 12)
- RE: Centralized DB Server?? Chapman, Justin T (Jun 14)
- RE: Centralized DB Server?? Chapman, Justin T (Jun 19)