Snort mailing list archives

Stealth syslog to remote server

From: Carol Overes <message4casa () yahoo com>
Date: Sat, 24 May 2003 03:26:41 -0700 (PDT)

Hi,

I'm looking for a method to sniff syslog messages on a
ethernet segment, and forward these messages to a
remote syslog server. I want to capture the syslog
messages by using snort in stealth mode. 

I have seen some articles about this matter
(http://www.linuxsecurity.com/feature_stories/snortlog-part1.html).
However, in this case a snort alert is logged to
syslog. I want to log the captured syslog packets to a
remote syslog server.

There is a script that can log to syslog, called
'snort2syslog'. But I was wondering if Snort can log
these messages by it self.

Anyone experience with this matter ?

Thanks in advance,

Carol


__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com


-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Stealth syslog to remote server Carol Overes (May 24)
- <Possible follow-ups>
- RE: Stealth syslog to remote server JP Vossen (May 24)