Re: Snort to monitor several servers

[G Ramon Gomez <gene () gomezbrothers com>]

Jacob,
Wouldn't a possible solution be to install Snort on each server then 
have them all report to a central database?
From your wording, it almost sounds like you're trying to provide 
protection to individual servers using a NIDS installed on each system.  
You may be better off using a HIDS like Samhain to provide individual 
system protection with NIDS at a few network choke-points, and 
centralize all of the logging using something like Prelude.

- Ramon

Jacob Friis Saxberg wrote:

> Is it possible to have a Nagios like setup of Snort?
>
> We have several servers that all need Snort.
> How could we solve this in an intelligent way?
>  


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users