Snort mailing list archives

Re: Snort preprocessor perfmonitor


From: Salahudin Wan Khairuzzaman <salahudin () cybersecurity my>
Date: Thu, 09 Dec 2010 10:05:22 +0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes absolutely.

- From your Snort configuration, set output log to MySQL server (mysql at
snorby server). E.g :

output database: log, mysql, user=root password=toor dbname=snorbydb
host=192.168.1.1

You can disable snort installed within snorby spsa installation.

cheers,
salahudin

On 12/2/10 11:54 AM, Andres Carrera Rivera wrote:
ok I'm downloading the ISO.
But I have already installed snort on my machine (ubuntu), isn't there a
possibility to configured snorby, but with my snort IDS.

On 12/1/2010 10:45 PM, Salahudin Wan Khairuzzaman wrote:
Yes, u can try the pre-installed one.. less hectic :)

http://bailey.st/blog/snorby-spsa/


cheers,
salahudin
On 12/2/10 11:11 AM, Andres Carrera Rivera wrote:
I haven't heard about it.. I'll check it. but it graph at real time...
?

On 12/1/2010 10:05 PM, Salahudin Wan Khairuzzaman wrote:
have u try snorby? just submit the mysql output to snorby server to
process that..


cheers,
salahudin

On 12/2/10 10:36 AM, Andres Carrera Rivera wrote:
I read that I can draw graph using the perform monitor with the
snortstats file.
but how?
Is there a perl file called perfstats that work and create real time
statistics graph
any steps to do that..?

or is there other thing I can use to draw graph with snort.
I want real time traffic graph. to compare with others traffic
graph..

Thanks a lot!!


------------------------------------------------------------------------------


Increase Visibility of Your 3D Game App&   Earn a Chance To Win $500!
Tap into the largest installed PC base&   get more eyes on your
game by
optimizing for Intel(R) Graphics Technology. Get started today
with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for
grabs.
http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel


-- Salahudin Bin Wan Khairuzzaman
Malaysia Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia (An Agency Under MOSTI)
Level 7, SAPURA@MINES,
The MINES Resort City
43300 Seri Kembangan, Selangor
Malaysia

Main Line : +603 89926888 or 1-300-88-2999
Direct Line : +603 89926919
Fax : +603 89453442
Website : http://www.cybersecurity.org.my
Website : http://www.mycert.org.my

Disclaimer:
This email (and any attachment to it) is confidential and intended
solely for the use of the individual or entity to whom it is
addressed. CyberSecurity Malaysia assumes no liability whatsoever for
the content of this email or for the consequences of actions taken
based on such content unless it is subsequently confirmed in writing.
Unintended recipients are notified that disclosing, copying or
distributing of this email, or acting based on its contents, is
strictly prohibited; and you are to immediately and permanently delete
or destroy this email and notify the sender forthwith.


-- Salahudin Bin Wan Khairuzzaman
Malaysia Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia (An Agency Under MOSTI)
Level 7, SAPURA@MINES,
The MINES Resort City
43300 Seri Kembangan, Selangor
Malaysia

Main Line : +603 89926888 or 1-300-88-2999
Direct Line : +603 89926919
Fax : +603 89453442
Website : http://www.cybersecurity.org.my
Website : http://www.mycert.org.my


Disclaimer:

“This email (and any attachment to it) is confidential and intended
solely for the use of the individual or entity to whom it is
addressed. CyberSecurity Malaysia assumes no liability whatsoever for
the content of this email or for the consequences of actions taken
based on such content unless it is subsequently confirmed in writing.
Unintended recipients are notified that disclosing, copying or
distributing of this email, or acting based on its contents, is
strictly prohibited; and you are to immediately and permanently delete
or destroy this email and notify the sender forthwith.




- -- 
Salahudin Bin Wan Khairuzzaman
Malaysia Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia (An Agency Under MOSTI)
Level 7, SAPURA@MINES,
The MINES Resort City
43300 Seri Kembangan, Selangor
Malaysia

Main Line : +603 89926888 or 1-300-88-2999
Direct Line : +603 89926919
Fax : +603 89453442
Website : http://www.cybersecurity.org.my
Website : http://www.mycert.org.my
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJNADliAAoJEAgHMNrD1PZ3V/MH/3QX7VskzuBGfsY+p5pOwUXD
FFRjYL7RZskLGWdD06MhnlOW9aVz4SqaEA1Ml6qo3IB63H3+d3f7PD+8BWLcWHSV
H1swyzTNLsGrpdbHFwXwokpHpWVYovW4waxm/P/P9usZLwk2m21sLY2VQhezkja/
ykdoK2eac+RbiEqTS5sNJVHPX8iGUTI6mnT4/DSp6JW0tPTx95HsQpxTi3LUW8bX
TZ1r8q2mMm5e8G64JHwC/FAXm3Ep0voaDT6qfK0A9EJ9M49UAjRpLJGhSkzH1TUa
4b9+VXaJMkKQXxJWQsYL0mDAogpJAwgkxfV6RmsNCM3MR1/Jb71pUAfRpANuc3w=
=LWfp
-----END PGP SIGNATURE-----


Disclaimer:

“This email (and any attachment to it) is confidential and intended solely for the use of the individual or entity to 
whom it is addressed. CyberSecurity Malaysia assumes no liability whatsoever for the content of this email or for the 
consequences of actions taken based on such content unless it is subsequently confirmed in writing. Unintended 
recipients are notified that disclosing, copying or distributing of this email, or acting based on its contents, is 
strictly prohibited; and you are to immediately and permanently delete or destroy this email and notify the sender 
forthwith.


------------------------------------------------------------------------------
This SF Dev2Dev email is sponsored by:

WikiLeaks The End of the Free Internet
http://p.sf.net/sfu/therealnews-com
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel

Current thread: