Snort mailing list archives
Stealth syslog to remote server
From: Carol Overes <message4casa () yahoo com>
Date: Sat, 24 May 2003 03:26:41 -0700 (PDT)
Hi, I'm looking for a method to sniff syslog messages on a ethernet segment, and forward these messages to a remote syslog server. I want to capture the syslog messages by using snort in stealth mode. I have seen some articles about this matter (http://www.linuxsecurity.com/feature_stories/snortlog-part1.html). However, in this case a snort alert is logged to syslog. I want to log the captured syslog packets to a remote syslog server. There is a script that can log to syslog, called 'snort2syslog'. But I was wondering if Snort can log these messages by it self. Anyone experience with this matter ? Thanks in advance, Carol __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Stealth syslog to remote server Carol Overes (May 24)
- <Possible follow-ups>
- RE: Stealth syslog to remote server JP Vossen (May 24)