Snort mailing list archives

Re: Snort alerts to SNMP


From: "Roy S. Rapoport" <snort-users () ols inorganic org>
Date: Wed, 21 May 2003 18:26:51 -0700

On Wed, May 21, 2003 at 09:00:52PM -0400, Rafeeq Rehman wrote:
> I don't have experience with Nagios but it works very well with HP OpenView
> (I tested with Network Node Manager). Yes, you can do some trend analysis
> based upon traps/alerts. However, I don't recommend merging Snort data with
> any production network monitoring system. False alarms do occur which may
> panic operators in a production environment.

I'm not sure I understand -- if you're using Snort as an IDS (Intrusion
Detection System) shouldn't you be panicking, or at least responding
vigorously, in the case of an alarm?

-roy

