Snort mailing list archives
Re: Snort to monitor several servers
From: Dominik Schmid <dominik_schmid () gmx ch>
Date: Mon, 05 Dec 2005 21:55:10 +0100
HiIf you want an application to controll the alerts for all those servers, take a look at snortfocus - snortfocus.org.
It's a mysql extension of the snort database.With the php-gui, you can join servers to user groups which can control the alerts and set filters.
Dominik
Jacob,Wouldn't a possible solution be to install Snort on each server then have them all report to a central database? From your wording, it almost sounds like you're trying to provide protection to individual servers using a NIDS installed on each system. You may be better off using a HIDS like Samhain to provide individual system protection with NIDS at a few network choke-points, and centralize all of the logging using something like Prelude.- Ramon Jacob Friis Saxberg wrote:Is it possible to have a Nagios like setup of Snort? We have several servers that all need Snort. How could we solve this in an intelligent way?-------------------------------------------------------This SF.net email is sponsored by: Splunk Inc. Do you grep through log filesfor problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort to monitor several servers Jacob Friis Saxberg (Dec 05)
- Re: Snort to monitor several servers G Ramon Gomez (Dec 05)
- Re: Snort to monitor several servers Dominik Schmid (Dec 05)
- Message not available
- Re: Snort to monitor several servers Gene R Gomez (Dec 06)
- Message not available
- Re: Snort to monitor several servers G Ramon Gomez (Dec 06)
- Re: Snort to monitor several servers G Ramon Gomez (Dec 05)