Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Snort agent installation

From: "Snort" <Snort () InterCept Net>
Date: Mon, 21 Mar 2005 16:31:55 -0500

To addon you may want to define "console" to us, whether it is acid,
snort center or something else... some consoles want snort information
in syslog format, others can take the standard alert files, and others
want it in a mysql database. At any point you will need to set your
snort.conf file to point to that format. 

snort itself is a agent (in so many words) that collects, analyze and
logs suspicious traffic. You use a console such as acid or demarc (which
snort does not have) to monitor those alerts/logs and alert you to them.
When you download and compile snort, you download something that will
only collect and analyze traffic, you must then find another tool to
manage those alerts and hopefully something that will manage snort as
well.

Hope that helps...

Michael Brown

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Harper,
Patrick
Posted At: Monday, March 21, 2005 3:12 PM
Posted To: Snort
Conversation: [Snort-users] Snort agent installation
Subject: RE: [Snort-users] Snort agent installation

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There is no snort agent, there is just snort.  It is all in how you
compile/configure it.


- -----Original Message-----
From: Jack A. Kanimea [mailto:jkanimea () itc gov fj] 
Sent: Monday, March 21, 2005 1:50 PM
To: Jason
Cc: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Snort agent installation

Thanks Jason,
             In only on snort. Taps would be brought to monitor
traffic from isolated network which would have snort agent  reporting
back to main snort console.  Probably am download the wrong snort
binaries file or may be I need to config the same snort install file
to point back to console ??? Am be lost here . At the moment I
supppose the snort files as both agent and console together. 
Anyway that where I am ??/ any help would greatly appreciated.
thanks
Jk

- -----Original Message-----
From: Jason [mailto:security () brvenik com]
Sent: Monday, March 21, 2005 4:50 P
To: Jack A. Kanimea
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Snort agent installation


Jack,

The files immediately available at http://www.snort.org/dl are source
code. You will have to download a binary build from 
http://www.snort.org/dl/binaries/ for your operating system or
compile 
the source to use Snort.

It sounds from you mail like you are attempting to use a third party 
application in addition to Snort. Could you provide more information
on 
your setup so that we can better assist you.

Jack A. Kanimea wrote:

Hi,
   Am trying to install snort sensors (i.e. agent) with console. At
moment the installation files is www.snort.org/dll has only 1
installation files. I am assuming that both agent and console are
in 1 files but we just need to configure. AS anyone done snort
agent install to monitor differnet network and report this back to
main snort console. Any help woould be greatly appreciated.
thanks
JackK


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real
users. Discover which products truly live up to the hype. Start
reading now. http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users




- -------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real
users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQj8qeZiWafDb7+B/EQI3kwCfenMrNJxOMH/gd0umQZ4BQmakH90AnjOt
Mt25nfUv6AurraMqb9rMHOzr
=1BLd
-----END PGP SIGNATURE-----



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: