Snort mailing list archives
iplog
From: "Dan Mahoney, System Admin" <danm () prime gushi org>
Date: Tue, 13 Aug 2002 14:04:44 -0400 (EDT)
Hi all. It seems to me that since iplog can both listen promiscuously on an interface like snort can and that since it specializes in detection of things snort NOT good at (i.e. stateful detections like portscans, pingfloods, smurfs, etc), that there should be some way to use iplog as (A) either a preprocessor of sorts or (B) There should be a way to use logsnorter to suck in the logs from iplog. I don't see logsnorter around anymore, I can't find it. But is there some way to accomplish this, and have them BOTH show up in ACID? -Dan -- "Don't try to out-wierd me. I get stranger things than you free with my breakfast cereal." -Button seen at I-CON XVII (and subsequently purchased) --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Web: http://prime.gushi.org finger danm () prime gushi org for pgp public key and tel# --------------------------- ------------------------------------------------------- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- iplog Dan Mahoney, System Admin (Aug 13)
- <Possible follow-ups>
- iplog Dan Mahoney, System Admin (Aug 14)