Snort mailing list archives
RE: Snort questions
From: "Patrick S. Harper" <patrick () internetsecurityguru com>
Date: Mon, 5 Jul 2004 10:23:41 -0500
Most of your questions will be answered by the install guides on the snort.org website. I wrote one for Redhat 9, and have updates for Fedora Core 1 (it will work with Core 2 if you use the RPMs at the site I mention on my docs page). The RPMs are very stable; I have had no problems with them. Openaanval does some decent reporting (the install is included as part of my Core 1 install doc), and you will find other front ends on the snort.org site. I use oinkmaster to update. I have it set to check every day, or you can just run it as you desire. It is a Perl script, so make sure you have Perl installed (most Linux systems do). I update Snort as soon as I test it on a test box and make sure it does not break my installs.

Hope that helps.

Patrick S. Harper | CISSP RHCT MCSE
www.internetsecurityguru.com
www.ntsug.org - Snort Users Group
"If there is no light at the end of the tunnel, get down there and light the damn thing yourself!"

Hi,

I have the following questions. Hope that would help many people out there.

Where can I get the names and versions of all the software (e.g. libpcap) required by Snort?
It is mentioned that Snort has a 'very small footprint'. What is the size of the footprint?
Whether Snort RPMs are stable, and what are the pros and cons of using RPM over compiling from source?
How to prepare reports from Snort logs?
What is the best method of rules updation?
How frequently do I need to upgrade Snort?
Any suggestions for backup strategy?

regards,
shashank