Snort setting

[jo cam <jo.cam () caramail com>]

Thanks for your answer.
I installed my first sensor and it’s seem work fine. I used
the snort+mysql package which came with my linux
distribution.

My configuration is:
- Linux 2.4 (Mandrake distrib ver 8.2)
- Snort ver 1.8.4
- ACID ver 0.9.6b20
- MySQL Ver 11.15 distrib 3.23.47

I can’t specified the sensor name in snort.conf. When I
lunch IE on my Win95 WS, I see that the sensor name is the
IP address of the network interface of my linux WS.

There are some problems with email alerts.
I created one alert group and one alert email in Alert
Group Maintenance. After viewing alerts, when I try to send
email alert, by putting my email address, ACID return the
message “Successful EXPORT-full- on xx alert(s) in xx
blobs” but I can’t receive mail.

In php.ini file, I left the default configuration for UNIX
machine (sendmail –t) and, for the win machine, I set up
the SMTP server (with the name of our smtp server) and my
email address.
Have you got more information for using the email alerts
functions?

For the others setting, I just downloading Andrea Barisani
document which describe an approach for setting up and
maintaining multiple Snort sensor. I hope this document
could help me. You will find it at
http://www.infis.univ.trieste.it/~lcars/ids.

Regards,

Jo

----- Original Message -----
From: "jo cam"
To:
Sent: Wednesday, July 17, 2002 12:16 PM
Subject: [Snort-users] Snort setting


Hi,

I want to use snort and MySQL in the following
configuration:
- the first snort sensor on linux station. The database
MySQL also running on this sensor
- the second sensor on Win 95
- the third sensor on Win NT.

QUESTIONS:

1. What is the sensor name ?
2. On Win95 and WinNT stations, is that necessary to have
MySQL client installed ?
3. In each station how can i setup the output module part
of snort.conf ?

Regards,

Jo
_________________________________________________________
Envoyez des messages musicaux sur le portable de vos amis
 http://mobile.lycos.fr/mobile/local/sms_musicaux/