Snort mailing list archives

AW: Snmp traps v 1 ( cont ... )


From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Fri, 22 Feb 2002 15:26:35 +0100

Marcelo,

Sandro,

Thanks for the help !

Anytime!

[snip]
Do you know the program I can use to send snmp traps v 1 ?

On our Solaris 8 (Sparc) I found /usr/sbin/snmp_trapsend which seems to be
what you need. I've never tested it and am not a Solaris guru so you'll have
to try yourself ;)

How can I log things in an easy way to identify the attacks (something like
sneeze output) in one place (not directories, only a file with the alerts)?

I use the output alert_syslog option in snort.conf to log to syslog. If you
would prefer a single file for snort alerts you might use
output alert_syslog: LOG_LOCAL0 LOG_ALERT LOG_PID

and edit /etc/syslog.conf and add something like
local0.*        <put-in-your-path-and-filename-here>

Ahm, I tested this with Linux, should be similar with Solaris.

Then use swatch to send the trap.

HTH,
Sandro
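
Added example (not part of the message above and not Snort project code): once the local0.* rule collects the alerts in one file, a short script can group them by signature and source address. The log line layout, the host name "sensor", the signature IDs and the addresses are constructed assumptions; adjust the pattern to what your Snort version actually writes.

```python
import re
from collections import Counter

# Constructed sample of the single alert file (documentation addresses, made-up SIDs).
SAMPLE = """\
Feb 22 15:20:01 sensor snort[812]: [1:1000001:1] EXAMPLE ICMP probe [Classification: Attempted Information Leak] [Priority: 2]: {ICMP} 192.0.2.10 -> 198.51.100.5
Feb 22 15:20:07 sensor snort[812]: [1:1000002:2] EXAMPLE web request [Classification: Web Application Attack] [Priority: 1]: {TCP} 192.0.2.10:3345 -> 198.51.100.5:80
Feb 22 15:21:13 sensor snort[812]: [1:1000002:2] EXAMPLE web request [Classification: Web Application Attack] [Priority: 1]: {TCP} 203.0.113.7:1044 -> 198.51.100.5:80
Feb 22 15:21:40 sensor sshd[401]: Accepted password for admin from 192.0.2.50
Feb 22 15:22:02 sensor snort[812]: truncated alert without addresses
"""

# Assumed layout: syslog header, snort[pid] (from LOG_PID), optional [gid:sid:rev],
# message, optional classification and priority, then {PROTO} src -> dst.
ALERT = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssnort\[(?P<pid>\d+)\]:\s"
    r"(?:\[(?P<sig>\d+:\d+:\d+)\]\s)?(?P<msg>.*?)"
    r"(?:\s\[Classification:\s(?P<cls>[^\]]+)\])?"
    r"(?:\s\[Priority:\s(?P<prio>\d+)\]:?)?"
    r"\s\{(?P<proto>\w+)\}\s(?P<src>\S+)\s->\s(?P<dst>\S+)\s*$"
)

def parse_alerts(text):
    """Return (alerts, unparsed): parsed alert dicts and snort lines that did not match."""
    alerts, unparsed = [], []
    for line in text.splitlines():
        m = ALERT.match(line)
        if m:
            alerts.append(m.groupdict())
        elif " snort[" in line:
            unparsed.append(line)  # keep for review instead of dropping silently
    return alerts, unparsed

def summarize(alerts):
    """Count alerts per (signature, message) and per source address (IPv4, port stripped)."""
    by_sig = Counter((a["sig"], a["msg"]) for a in alerts)
    by_src = Counter(a["src"].split(":")[0] for a in alerts)
    return by_sig, by_src

if __name__ == "__main__":
    alerts, unparsed = parse_alerts(SAMPLE)
    by_sig, by_src = summarize(alerts)
    for (sig, msg), count in by_sig.most_common():
        print(f"{count:4d}  [{sig}] {msg}")
    for src, count in by_src.most_common():
        print(f"{count:4d}  from {src}")
    print(f"{len(unparsed)} snort line(s) did not match the expected layout")
```

To run it against the real file, read that file's contents and pass them to parse_alerts() in place of SAMPLE.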
