Snort mailing list archives
RE: Snort agent installation
From: "Snort" <Snort () InterCept Net>
Date: Mon, 21 Mar 2005 16:31:55 -0500
To addon you may want to define "console" to us, whether it is acid, snort center or something else... some consoles want snort information in syslog format, others can take the standard alert files, and others want it in a mysql database. At any point you will need to set your snort.conf file to point to that format. snort itself is a agent (in so many words) that collects, analyze and logs suspicious traffic. You use a console such as acid or demarc (which snort does not have) to monitor those alerts/logs and alert you to them. When you download and compile snort, you download something that will only collect and analyze traffic, you must then find another tool to manage those alerts and hopefully something that will manage snort as well. Hope that helps... Michael Brown -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Harper, Patrick Posted At: Monday, March 21, 2005 3:12 PM Posted To: Snort Conversation: [Snort-users] Snort agent installation Subject: RE: [Snort-users] Snort agent installation -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There is no snort agent, there is just snort. It is all in how you compile/configure it. - -----Original Message----- From: Jack A. Kanimea [mailto:jkanimea () itc gov fj] Sent: Monday, March 21, 2005 1:50 PM To: Jason Cc: snort-users () lists sourceforge net Subject: RE: [Snort-users] Snort agent installation Thanks Jason, In only on snort. Taps would be brought to monitor traffic from isolated network which would have snort agent reporting back to main snort console. Probably am download the wrong snort binaries file or may be I need to config the same snort install file to point back to console ??? Am be lost here . At the moment I supppose the snort files as both agent and console together. Anyway that where I am ??/ any help would greatly appreciated. thanks Jk - -----Original Message----- From: Jason [mailto:security () brvenik com] Sent: Monday, March 21, 2005 4:50 P To: Jack A. Kanimea Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Snort agent installation Jack, The files immediately available at http://www.snort.org/dl are source code. You will have to download a binary build from http://www.snort.org/dl/binaries/ for your operating system or compile the source to use Snort. It sounds from you mail like you are attempting to use a third party application in addition to Snort. Could you provide more information on your setup so that we can better assist you. Jack A. Kanimea wrote:
Hi, Am trying to install snort sensors (i.e. agent) with console. At moment the installation files is www.snort.org/dll has only 1 installation files. I am assuming that both agent and console are in 1 files but we just need to configure. AS anyone done snort agent install to monitor differnet network and report this back to main snort console. Any help woould be greatly appreciated. thanks JackK ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95&alloc_id396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=ort-users
- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=ort-users -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBQj8qeZiWafDb7+B/EQI3kwCfenMrNJxOMH/gd0umQZ4BQmakH90AnjOt Mt25nfUv6AurraMqb9rMHOzr =1BLd -----END PGP SIGNATURE----- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=ort-users ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95&alloc_id396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort agent installation Jack A. Kanimea (Mar 20)
- Re: Snort agent installation Jason (Mar 20)
- <Possible follow-ups>
- RE: Snort agent installation Jack A. Kanimea (Mar 21)
- RE: Snort agent installation Harper, Patrick (Mar 21)
- RE: Snort agent installation Snort (Mar 21)